1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-06-16 08:34:53 +02:00

Add cure53 audit report

This commit is contained in:
Paul Schaub 2021-12-20 14:36:49 +01:00
parent a006cb5ec5
commit 3c802183f0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 8 additions and 0 deletions

BIN
assets/Audit-PGPainless.pdf Normal file

Binary file not shown.

View file

@ -80,6 +80,14 @@ This allows PGPainless to be used as a command line application for encryption/d
More importantly though, this allows to plug PGPainless into the [Sequoia OpenPGP Interoperability Test Suite](https://tests.sequoia-pgp.org/).
This extensive test suite demonstrates how closely PGPainless is following the standard, especially when it comes to signature verification.
## Security Audits
In late 2021, PGPainless was subject to an extensive security audit by the the pentesting
team of [Cure53](https://cure53.de). The audit was generously sponsored and arranged by [FlowCrypt.com](https://flowcrypt.com)!
Results of the audit [are publicly available here](assets/Audit-PGPainless.pdf).
Wherever possible, findings of the audit have been fixed in a timely manner.
## Forever Free Software
PGPainless is licensed under the Apache License 2.0 and this will never change.