This repository was archived by the owner on May 10, 2024. It is now read-only.
This repository was archived by the owner on May 10, 2024. It is now read-only.
User trusted GPG keys #291
Open
Description
In order to increase the upload endpoint security we may introduce a list of trusted GPG keys on server side in the User profile.
- A public GPG key could allow verify uploader before the upload.
- Additionally we can try to validate the uploaded file - if it would be not too much overhead to e.g. validate the first X bytes or the header