On Fri, Jul 10, 2020 at 5:38 PM Neil C Smith <[email protected]> wrote:
> I personally prefer the idea of hashing in the plugin portal

Agreed, a cryptographic checksum in an HTTPS-retrieved catalog should be sufficient, and is far less onerous than dealing with certificates.

The more interesting problem is not really defended against by certificates anyway: even if a valid signature was applied to an NBM by a real trustworthy person, if the build was done on their personal hardware then there is no assurance of provenance—there could have been a virus on that machine, or for that matter there might be local uncommitted modifications! Better to have builds be done by something like builds.apache.org or GitHub Actions, with some process verifying the checksum of the binaries at the moment they are built from a specific Git commit.
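The two halves of the scheme described in this reply, as an added illustration that is not part of the mailing-list thread or of the NetBeans plugin portal's actual code: a build-side step that records the digest of a binary at the moment it is produced from a given commit, and a client-side step that checks a downloaded NBM against the catalog fetched over HTTPS. The JSON catalog layout, the field names, the plugin name and the all-zero commit id are assumptions chosen for the example; the artifact bytes are constructed.

```python
import hashlib
import hmac
import json

# Digest algorithms a client will accept from the catalog (hypothetical policy
# for this example; weaker names are refused rather than silently used).
ALLOWED_ALGORITHMS = {"sha256", "sha512"}


class VerificationError(Exception):
    """Raised when a download does not match its catalog entry."""


def build_side_entry(name, version, artifact, commit, algorithm="sha256"):
    """What a CI job (builds.apache.org, GitHub Actions, ...) would publish:
    the digest of the binary taken right after it was built from `commit`,
    so the catalog ties bytes to a specific source revision."""
    digest = hashlib.new(algorithm, artifact).hexdigest()
    return {
        "name": name,
        "version": version,
        "commit": commit,
        "algorithm": algorithm,
        "digest": digest,
        "size": len(artifact),
    }


def serialize_catalog(entries):
    """The catalog as the portal would serve it over HTTPS (assumed JSON shape)."""
    return json.dumps({"plugins": entries}, indent=2)


def verify_download(catalog_json, name, version, data):
    """Client side: check a downloaded NBM against the HTTPS-retrieved catalog.
    Returns the matching catalog entry on success, raises VerificationError
    on any mismatch or on an entry the client cannot trust."""
    catalog = json.loads(catalog_json)
    matches = [e for e in catalog.get("plugins", [])
               if e.get("name") == name and e.get("version") == version]
    if len(matches) != 1:
        raise VerificationError(f"no unique catalog entry for {name} {version}")
    entry = matches[0]

    algorithm = entry.get("algorithm")
    if algorithm not in ALLOWED_ALGORITHMS:
        raise VerificationError(f"unsupported digest algorithm: {algorithm!r}")
    # Cheap early rejection before hashing a large file.
    if entry.get("size") != len(data):
        raise VerificationError("size mismatch")

    actual = hashlib.new(algorithm, data).hexdigest()
    # Constant-time comparison of the two hex strings.
    if not hmac.compare_digest(actual, entry["digest"]):
        raise VerificationError("checksum mismatch: artifact is not the one the catalog describes")
    return entry


def demo():
    """Build a catalog for a constructed artifact, then verify a genuine and a
    tampered download. Returns (genuine_accepted, tampered_rejected)."""
    genuine = b"PK\x03\x04 constructed NBM payload, not a real plugin"
    tampered = genuine[:-3] + b"XYZ"  # same length, different content
    catalog = serialize_catalog([
        build_side_entry("org-example-plugin", "1.2.0", genuine,
                         commit="0000000000000000000000000000000000000000"),  # placeholder id
    ])
    genuine_ok = verify_download(catalog, "org-example-plugin", "1.2.0", genuine) is not None
    try:
        verify_download(catalog, "org-example-plugin", "1.2.0", tampered)
        tampered_rejected = False
    except VerificationError:
        tampered_rejected = True
    return genuine_ok, tampered_rejected


if __name__ == "__main__":
    print(demo())
```

The check only proves that the bytes on disk are the bytes the build job hashed; the provenance argument in the reply rests on the build job itself running on shared infrastructure from a checked-out commit, which is why the entry carries the commit id rather than a personal signature.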
