Originally reported at EFForg/starttls-everywhere#147:
First, it fetches the key from a "normal" keyserver (i.e. usually using the default within gpg). This means an attacker can poison the key by attaching a large number of bogus signatures, which has happened a few times lately to keys from prominent members of the PGP community.
I recommend downloading the key from a location you control via https.
Second, the line

```
gpg --trusted-key 842AEA40C5BCD6E1 --verify policy.json.asc
```

uses a truncated 64-bit key ID. It is possible (although expensive) to create a colliding key for 64-bit key IDs. An attacker who is able to convince a person to import a specified key into the local keyring could use this for an attack. For this reason the 160-bit full key ID / fingerprint should always be used when referencing keys.
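A verification script that applies both recommendations from the report, added here as an example; it is not code from the issue or from the starttls-everywhere project. It assumes a key published over HTTPS at a location the verifier controls (`KEY_URL` and `EXPECTED_FPR` are placeholders), GnuPG 2.1.23 or later for `--show-keys`, and `curl` on the path.

```shell
#!/bin/sh
# Added example, not from the original issue or the starttls-everywhere project.
# Fetch the signing key from an HTTPS location you control, pin its full 160-bit
# fingerprint, and verify the signature inside a throwaway keyring.

KEY_URL="https://example.org/keys/policy-signing-key.asc"   # placeholder URL
EXPECTED_FPR="0000000000000000000000000000000000000000"       # placeholder 40-hex fingerprint (uppercase, as gpg prints it)

# Accept only a full v4 fingerprint (40 hex digits). 8- or 16-digit key IDs are
# just the trailing bytes of the fingerprint and are rejected.
is_full_fingerprint() {
    case "$1" in
        *[!0-9A-Fa-f]*) return 1 ;;   # contains a non-hex character
    esac
    [ "${#1}" -eq 40 ]
}

# Print the primary-key fingerprint found in a key file without importing it
# (assumes GnuPG 2.1.23+ for --show-keys).
key_file_fingerprint() {
    gpg --batch --with-colons --show-keys "$1" 2>/dev/null \
        | awk -F: '$1 == "fpr" { print $10; exit }'
}

# verify_policy SIGNATURE DATA: returns 0 only if DATA carries a good signature
# from the pinned key; returns 1 on any fetch, fingerprint or signature failure.
verify_policy() {
    sig="$1"; data="$2"
    is_full_fingerprint "$EXPECTED_FPR" || {
        echo "EXPECTED_FPR must be a full 40-hex fingerprint, not a key ID" >&2; return 1; }

    tmp=$(mktemp -d) || return 1
    chmod 700 "$tmp"

    # Fetch over HTTPS only, from a host you control, never from a keyserver.
    curl --fail --silent --show-error --proto '=https' --tlsv1.2 \
        -o "$tmp/key.asc" "$KEY_URL" || { rm -rf "$tmp"; return 1; }

    got=$(key_file_fingerprint "$tmp/key.asc")
    if [ "$got" != "$EXPECTED_FPR" ]; then
        echo "fingerprint mismatch: expected $EXPECTED_FPR, got ${got:-<none>}" >&2
        rm -rf "$tmp"; return 1
    fi

    # Isolated keyring: the pinned key is the only key present, so a colliding
    # key ID in the user's normal keyring can never satisfy this check.
    GNUPGHOME="$tmp" gpg --batch --quiet --import "$tmp/key.asc" || { rm -rf "$tmp"; return 1; }

    # Require a VALIDSIG status line whose signing-key or primary-key fingerprint
    # equals the pinned one; the exit code alone would accept any imported key.
    GNUPGHOME="$tmp" gpg --batch --status-fd 1 --trust-model always \
        --verify "$sig" "$data" 2>/dev/null \
        | awk -v fpr="$EXPECTED_FPR" \
            '$1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == fpr || $NF == fpr) { ok = 1 }
             END { exit ok ? 0 : 1 }'
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# Usage (assumes the files exist alongside the script):
#   verify_policy policy.json.asc policy.json && echo "policy.json verified"
```

The temporary `GNUPGHOME` is the important design choice: `--trusted-key` with a short ID consults whatever happens to be in the user's keyring, whereas here the only key that can ever match is the one whose full fingerprint was pinned, so a key with a colliding 64-bit ID imported elsewhere has no effect on the result.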