21 Nov
2017
21 Nov
'17
10:27 a.m.
Yeah, more security and privacy, because Linux Audio packages are
constantly attacked by enemies :D
On Nov 21, 2017 06:44, "Ralf Mardorf" <ralf.mardorf(a)alice-dsl.net> wrote:
On Tue, 21 Nov 2017 02:54:14 +0100, David Runge
wrote:
Would it be possible to implement letsencrypt for
linuxaudio.org and
all of its subdomains?
This would greatly improve the security of the packages hosted there
(or rather their transfer from the server to the build machine) and
help for said packages not to be dropped, as more and more distros try
to switch to more reliable and authenticatable (is that a word?)
upstreams.
Hi,
for security reasons developers should consider to provide signed
checksums, as fortunately e.g.
https://www.kernel.org/category/signatures.html does. This was
discussed at e.g. Arch general.
Additionally, there is the benefit of raising
privacy for users of all
things hosted on linuxaudio.org.
Not that much, since even when additionally using TOR, privacy isn't
ensured without exceptions,
https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting .
Regards,
Ralf
--
$ pacman -Q linux{,-rt{,-cornflower,-pussytoes}}|awk '{print $2}'
4.14-2
4.13.13_rt5-1
4.11.12_rt16-1
4.14_rt1-1
_______________________________________________
Linux-audio-dev mailing list
Linux-audio-dev(a)lists.linuxaudio.org
https://lists.linuxaudio.org/listinfo/linux-audio-dev