It's weird that Google is having all these idiotic ideas while we have Zapstore running with pure web of trust dev keys.
https://arstechnica.com/gadgets/2025/10/google-confirms-android-dev-verificatio...
Time for me to ask a dumb question, 25 years after studying cryptography in university:
When I try to verify signatures using gpg it's not fully successful, and therefore I'm just accustomed to ignoring it
I guess it's because I haven't told gpg that there is any public key that I can mark as being genuine
How do I fix that? For example, if I met you at a conference and you gave me your public key, how could I tell my gpg that I trust that key?
When I try to verify signatures using gpg it's not fully successful, and therefore I'm just accustomed to ignoring it
I guess it's because I haven't told gpg that there is any public key that I can mark as being genuine
How do I fix that? For example, if I met you at a conference and you gave me your public key, how could I tell my gpg that I trust that key?
❤️1