IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- They may contain special characters and trick the user. The
current way to detect dodgy characters and escape them may not be
the best, but it is better than the status quo, and we now encode
intent.
- By using more than one keyserver, we increase the chance of
successfully finding certificates and updates. Further, multipath
discovery increases robustness in the face of an attacker or
censor.
- We use keys.openpgp.org, the Proton key server, the Mailvelope
keyserver, and the Ubuntu keyserver.
- Now that we query multiple keyservers, or query for multiple certs
in the network routines, we very well get the same cert twice.
Merge them if we emit a keyring.
- I was assured privately that they should always return the same
information, but unfortunately there is no public documentation
about the Proton key server. In any case, they are controlled by
the same entity, thus should be considered the same for our
purposes.
- On October 18, 2021, Sequoia PGP's license was changed from the
GPL to the LGPL. Unfortunately, we forgot to update sq's license.
- See 884639bf1b
- Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
later as unanimously decided on October 18, 2021 by:
- Christof Wahl <cw@pep.security> (pEp security CEO)
- Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
employee, Sequoia developer)
- Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
employee, Sequoia Founder)
- Neal H. Walfield <neal@pep.foundation> (pEp Foundation
employee, Sequoia Founder)
- Patrick Meier <pm@pep.security> (pEp security Chief Product
and Service Officer)
- Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
Board)
- Volker Birk <vb@pep.security> (pEp security Founder, pEp
Foundation Council)
- The dot-writer crate is unmaintained, and prevents upgrading sq in
Fedora. As a short-term workaround, we make this dependency
optional so that it can be easily patched out by packagers. The
same has been done for the sq-wot tool.
- https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/51
- https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/47
- If the situation improves, either because the crate is maintained
again, or we port to a different crate, we can easily undo this
change.
- Also, remove all the examples that use the dot output format. Not
only is it awkward to make these examples optional, the existing
examples are also very repetetive, as they duplicate an existing
example, and only change the output format.
- Fixes#146.
- Currently, sequoia-openpgp miscomputes notarization
signatures (see
https://gitlab.com/sequoia-pgp/sequoia/-/issues/1041) and fixing
that has proven to be difficult. Disable this functionality until
we sorted out the underlying implementation.
- Our method of padding messages is not universally supported by
consuming implementations:
https://tests.sequoia-pgp.org/#Packet_excess_consumption
- Disable it for now. Once we support generating v6 OpenPGP
messages, we can enable it again with the new padding packet.
- `sq verify --detached <SIG>` and `sq wkd generate <WEB-ROOT>` take
paths, but the argument type is a String. We should use a PathBuf
instead, as paths, unlike strings, do not have to be valid UTF-8
strings.
- Fixes#154.
- See #13.
- Have clap do the conversion from a string to `cli::Time` for the
`--time` argument to `sq`.
- Implement `cli::Time::now` to return the current time, and
`cli::Time::openpgp` to convert the time to a time that is
representable as an OpenPGP timestamp, if possible.
- See #13.