Hey Ralf,
On 2017-11-21 06:44:27 (+0100), Ralf Mardorf wrote:
for security reasons developers should consider to
provide signed
checksums, as fortunately e.g.
https://www.kernel.org/category/signatures.html does. This was
discussed at e.g. Arch general.
That is right. I am not sure, how many can be
convinced in the near
future. Asking is cheap, though, so would that work for you Fons? :)
Not that much, since even when additionally using TOR,
privacy isn't
ensured without exceptions,
https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting .
That of course
is also true and thanks for pointing it out.
When writing, I was more thinking of subdomains hosting applications,
that require authentication (then seeing, that e.g.
{lists,wiki}.linuxaudio.org already facilitate letsencrypt certs).
Of course, given the right tools and infrastructure, it gets
increasingly harder to achieve some form of privacy.
However, that's no reason not to aim for the maximum amount thereof.
In any case (unless your ssl is broken) and however one wants to turn
it: It is beneficial to implement https and I'm happy to hear it will be
done.
Best,
David
--
https://sleepmap.de