https://bugzilla.redhat.com/show_bug.cgi?id=1834731 --- Comment #23 from marco <maic23@xxxxxxx> --- If you fetch the key from the same website the binaries are taken from, there is no security. Anyone replacing the binaries can trivially replace the key. Also, bitcoincore.org is the official download site (bitcoin.org is a mirror site unrelated to the Bitcoin Core project). So I recommend to use the steps to verify from their download page: https://bitcoincore.org/en/download/ The instructions recommend to fetch the key based on its fingerprint (01EA5486DE18A882D4C2684590C8019E36C2E964). -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
