On Tue, 21 Nov 2017 02:54:14 +0100, David Runge wrote: >Would it be possible to implement letsencrypt for linuxaudio.org and >all of its subdomains? >This would greatly improve the security of the packages hosted there >(or rather their transfer from the server to the build machine) and >help for said packages not to be dropped, as more and more distros try >to switch to more reliable and authenticatable (is that a word?) >upstreams.
Hi, for security reasons developers should consider to provide signed checksums, as fortunately e.g. https://www.kernel.org/category/signatures.html does. This was discussed at e.g. Arch general. >Additionally, there is the benefit of raising privacy for users of all >things hosted on linuxaudio.org. Not that much, since even when additionally using TOR, privacy isn't ensured without exceptions, https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting . Regards, Ralf -- $ pacman -Q linux{,-rt{,-cornflower,-pussytoes}}|awk '{print $2}' 4.14-2 4.13.13_rt5-1 4.11.12_rt16-1 4.14_rt1-1 _______________________________________________ Linux-audio-dev mailing list Linux-audio-dev@lists.linuxaudio.org https://lists.linuxaudio.org/listinfo/linux-audio-dev