Skip to content
This repository has been archived by the owner on May 10, 2024. It is now read-only.

User trusted GPG keys #291

Open
blackandred opened this issue Feb 26, 2023 · 0 comments
Open

User trusted GPG keys #291

blackandred opened this issue Feb 26, 2023 · 0 comments
Labels

Comments

@blackandred
Copy link
Contributor

In order to increase the upload endpoint security we may introduce a list of trusted GPG keys on server side in the User profile.

  • A public GPG key could allow verify uploader before the upload.
  • Additionally we can try to validate the uploaded file - if it would be not too much overhead to e.g. validate the first X bytes or the header
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

1 participant