distribution-gpg-keys icon indicating copy to clipboard operation
distribution-gpg-keys copied to clipboard

Published 20 hours ago verified publisher icon xsuchy

Script for fetching Tor developers' keys

Open andrewclausen opened this issue 4 years ago • 2 comments

I have written two shell scripts:

  1. One fetches the Tor developers' keys. It gets a list of key ids from the Tor website, and then fetches the keys from a GPG key server.

  2. The other periodically checks if the keys have changed.

Neither script is polished -- just enough for me to be able to send keys in a timely manner.

Should I send a pull request with the scripts and the keys? Or just the keys?

andrewclausen avatar Jul 18 '20 12:07 andrewclausen

After some discussion on tor-dev, the Tor developers would like to get their keys in better order before publishing something like this. The keys published on their website are long out of date.

andrewclausen avatar Jul 24 '20 10:07 andrewclausen

I would prefer PR for both script and keys. So people can replicate your steps in future.

xsuchy avatar Aug 04 '20 10:08 xsuchy