Follow-up Comment #3, bug #37428 (project weechat): I discussed this with flashcode on IRC.
The main issue is that flashcode does weechat builds on a server, so signing those packages with a GPG key is of only questionable value. He said he'd look into changing his build process to build - at least stable releases - offline sometime in the future. Also, getting an SSL cert for HTTPS on the download page can be done for free [0][1]. Flashcode is running something else on 443 that would need to be moved. [0]: https://www.startssl.com/?app=12 [1]: http://arstechnica.com/security/2009/12/how-to-get-set-with-a-secure-sertificate-for-free/ _______________________________________________________ Reply to this item at: <http://savannah.nongnu.org/bugs/?37428> _______________________________________________ Message sent via/by Savannah http://savannah.nongnu.org/ _______________________________________________ Weechat-dev mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/weechat-dev
