F.2.1 The Development Snapshots key

The Development Snapshots private key is stored without a passphrase. This is necessary, because the snapshots are generated every night without human intervention, so nobody would be able to type a passphrase.

The snapshots are built and signed on a team member's home computers, before being uploaded to the web server from which you download them.

Therefore, a signature from the Development Snapshots key DOES protect you against:

• People tampering with the PuTTY binaries between the PuTTY web site and you.
• The maintainers of our web server attempting to abuse their root privilege to tamper with the binaries.

But it DOES NOT protect you against:

• People tampering with the binaries before they are uploaded to our download servers.
• People tampering with the build machines so that the next set of binaries they build will be malicious in some way.
• People stealing the unencrypted private key from the build machine it lives on.

Of course, we take all reasonable precautions to guard the build machines. But when you see a signature, you should always be certain of precisely what it guarantees and precisely what it does not.