https://actu365.com/tek/securite-informatique/2018/06/15/sigspoof-gnupg-flaw-could-be-exploited-to-spoof-message-signatures/