gpg is commonly used for verifying signatures before installing packages and is how you would get packages from Launchpad too, right? forgive me, but maybe wishlist is too low a importance? Obviously, your call and I am not experienced with the project here, but I really think this should be backported soon.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1409117 Title: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM To manage notifications about this bug go to: https://bugs.launchpad.net/gnupg/+bug/1409117/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
