mirror of
https://github.com/dashpay/dash.git
synced 2024-12-25 20:12:57 +01:00
8bcfec2167
90f1f849e9f5a0c1855b72824af38b9aa24d5287 doc: Suggest `keys.openpgp.org` as keyserver in SECURITY.md (Tim Ruffing) Pull request description: `--recv-keys` without a `--keyserver` arg simply failed for me on a fresh Arch Linux installation, so I think it's a good idea to suggest a keyserver. OpenPGP ecosystem is broken in a number of ways, so the right way to approach this issue has some potential for bikeshedding. But the only thing that this PR does is to keep `SECURITY.md` in line with the instructions for builder keys, where there was agreement on switching to `keys.openpgp.org` (#22688). ACKs for top commit: MarcoFalke: review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 laanwj: Review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 hebasto: ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287, agree with arguments above. Zero-1729: ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 Tree-SHA512: 1ab20c837cd952aa32b57473772cbfd33411a08db6e88b951bce38f76a3c509c0e91d6944ec0ca5eac8d5eb4d98a5489276d55691328f2e2556b2640f8e7c108
804 B
804 B
Security Policy
Supported Versions
| Version | Supported |
|---|---|
| 0.17 | ✅ |
| 0.16 | ✅ |
| < 0.16 | ❌ |
Reporting a Vulnerability
To report security issues send an email to security@dash.org (not for support).
The following keys may be used to communicate sensitive information to developers:
| Name | Fingerprint |
|---|---|
| UdjinM6 | 3F5D 48C9 F002 93CD 365A 3A98 8359 2BD1 400D 58D9 |
| Pasta | 2959 0362 EC87 8A81 FD3C 202B 5252 7BED ABE8 7984 |
You can import a key by running the following command with that individual’s fingerprint: gpg --keyserver hkps://keys.openpgp.org --recv-keys "<fingerprint>" Ensure that you put quotes around fingerprints containing spaces.