pull down to refresh
1597 sats \ 2 replies \ @Natalia 24 Feb \ parent \ on: The Curious Case of Digital Signatures crypto
deleted by author
The point is that we must decide who we will trust (e.g., Linus Torvalds, Microsoft, or the Qubes Project) and assume that if a trusted party signed a given file, then it should not be malicious or negligently buggy. The decision of whether to trust any given party is beyond the scope of digital signatures. Itβs more of a social and political decision.
this so much
That's why I mentioned "the person you trust" here
When you verify a digital signature, you make sure that the software was created by the person you trust and think it was created by (authenticity) and that it was not modified (integrity).
But they explain this part very well, I didn't