[LAD] https for linuxaudio.org

[Louigi Verona]

Yeah, more security and privacy, because Linux Audio packages are
constantly attacked by enemies :D

On Nov 21, 2017 06:44, "Ralf Mardorf" <ralf.mardorf at alice-dsl.net> wrote:

> On Tue, 21 Nov 2017 02:54:14 +0100, David Runge wrote:
> >Would it be possible to implement letsencrypt for linuxaudio.org and
> >all of its subdomains?
> >This would greatly improve the security of the packages hosted there
> >(or rather their transfer from the server to the build machine) and
> >help for said packages not to be dropped, as more and more distros try
> >to switch to more reliable and authenticatable (is that a word?)
> >upstreams.
>
> Hi,
>
> for security reasons developers should consider to provide signed
> checksums, as fortunately e.g.
> https://www.kernel.org/category/signatures.html does. This was
> discussed at e.g. Arch general.
>
> >Additionally, there is the benefit of raising privacy for users of all
> >things hosted on linuxaudio.org.
>
> Not that much, since even when additionally using TOR, privacy isn't
> ensured without exceptions,
> https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting .
>
> Regards,
> Ralf
>
> --
> $ pacman -Q linux{,-rt{,-cornflower,-pussytoes}}|awk '{print $2}'
> 4.14-2
> 4.13.13_rt5-1
> 4.11.12_rt16-1
> 4.14_rt1-1
> _______________________________________________
> Linux-audio-dev mailing list
> Linux-audio-dev at lists.linuxaudio.org
> https://lists.linuxaudio.org/listinfo/linux-audio-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxaudio.org/pipermail/linux-audio-dev/attachments/20171121/4cf7cd9d/attachment.html>