Event JSON
{
"id": "7c5f3619c61c32d97c8d239a9da36c86b54eacd842570b593b92dcad00888e7c",
"pubkey": "a630425e1d6086d3ee3a1762f839c8bc832e87390da9a879c0a7aa9ffab8ed1e",
"created_at": 1683832513,
"kind": 1,
"tags": [
[
"p",
"5b3a7414e933d3683c2b89d83f516c7a971781b4cb3d3a33c9c07fa5d6b74fac",
"wss://relay.mostr.pub"
],
[
"p",
"5468bceeb74ce35cb4173dcc9974bddac9e894a74bf3d44f9ca8b7554605c9ed",
"wss://relay.mostr.pub"
],
[
"e",
"ceec750ce52326ac50e4a22b045b539865baae250b72725f9edaca3003d126bc",
"wss://relay.mostr.pub",
"reply"
],
[
"mostr",
"https://fosstodon.org/users/jas/statuses/110351647600138308"
]
],
"content": "nostr:npub1tva8g98fx0fks0pt38vr75tv02t30qd5ev7n5v7fcpl6t44hf7kqgg2yl5 Interesting take -- that is a weaker security model than what can be achieved with OpenPGP signatures of software releases if you publish OpenPGP key fingerprints on your website. WebPKI or DANE have similar trust concerns, in that you have to trust entities external to GrapheneOS to verify your releases.",
"sig": "590112dd53d4acc6350bafd83eacab98e95073d0d460b785bc7680c6bf2a662e1e968ce04eeaefa5981cf266ba92a8b2b9ac1ca82ba09a6db88bf3b2d0d0754b"
}
