public inbox for bitcoindev@googlegroups.com
From: Gregory Maxwell <gmaxwell@gmail•com>
To: Roy Badami <roy@gnomon•org.uk>
Cc: g@gnomon•org.uk,
	bitcoin list <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Secure download
Date: Sun, 3 Mar 2013 12:02:24 -0800
Message-ID: <CAAS2fgSRYcC4e0E5UiXnLUYZHOkRkvgVdRnmOBWfqcXEKdkgFQ@mail.gmail.com>
In-Reply-To: <20130303185446.GU68379@giles.gnomon.org.uk>

On Sun, Mar 3, 2013 at 10:54 AM, Roy Badami <roy@gnomon•org.uk> wrote:
> Would be nice to have a secure page at bitcoin.org, though, rather
> than having to go to github - certs from somewhere like Namecheap
> should cost you next to nothing.  For those of us too lazy (not
> paranoid enough) to bother with GPG, a (secure) page on bitcoin.org
> with the MD5 hashes of the binaries would be awesome...

While I think that it's silly that we don't have an HTTPS (only!) page,
it should be noted that an HTTPS page is in no way a replacement for
GPG, sadly:  Anyone who can MITM the server to the whole internet can
trivially obtain a fraudulent cert with only moderate cost and time.

(The reason for this is that (many? most? all?) CAs verify authority
by having you place a file at some HTTP path on the domain in
question. Effectively the current CA model only prevents those from
intercepting who cannot intercept the traffic generally. Basically
only helps with the evil hotspot/tor_exit problem.)
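
Added example (not part of the original message and not code from the Bitcoin project): a download check in which the hash list counts only after gpg reports a good signature from a release-key fingerprint pinned out of band, which is the property an HTTPS-served hash page cannot supply. Assumptions: a detached-signed sha256sum-style list (SHA-256 rather than the MD5 mentioned in the quoted message), hypothetical file names, and a constructed placeholder fingerprint.

```python
import hashlib
import hmac
import subprocess

# Assumption: release-key fingerprint obtained out of band, not from the
# download site. Constructed placeholder, not a real key.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"

# Constructed sample of `gpg --status-fd 1 --verify` output for a good signature.
SAMPLE_STATUS = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Example Release Key\n"
    "[GNUPG:] VALIDSIG " + PINNED_FPR + " 2013-03-03 1362340944 0 4 0 1 8 00 "
    + PINNED_FPR + "\n")


def gpg_status(sums_path, sig_path):
    """Check a detached signature; return gpg's machine-readable status text."""
    cmd = ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, sums_path]
    return subprocess.run(cmd, capture_output=True, text=True).stdout


def signer_fingerprints(status_text):
    """Fingerprints from VALIDSIG lines, only if gpg also reported GOODSIG
    (an expired or revoked key yields EXPKEYSIG/REVKEYSIG instead)."""
    rows = [l.split()[1:] for l in status_text.splitlines()
            if l.startswith("[GNUPG:] ")]
    if not any(r[:1] == ["GOODSIG"] for r in rows):
        return set()
    # First field: signing (sub)key fingerprint; last: primary key fingerprint.
    return {f.upper() for r in rows if r[:1] == ["VALIDSIG"] and len(r) > 1
            for f in (r[1], r[-1])}


def listed_digest(sums_text, filename):
    """Look up a file's SHA-256 in sha256sum-style text; None if absent."""
    for line in sums_text.splitlines():
        digest, _, name = line.strip().partition(" ")
        if name.lstrip(" *") == filename:
            return digest.lower()
    return None


def verify_release(status_text, sums_text, filename, data, pinned=PINNED_FPR):
    """True only if the pinned key signed the list AND the file's hash is in it."""
    if pinned.upper() not in signer_fingerprints(status_text):
        return False  # unauthenticated hash list: a matching hash proves nothing
    expected = listed_digest(sums_text, filename)
    actual = hashlib.sha256(data).hexdigest()
    return expected is not None and hmac.compare_digest(expected, actual)
```

In real use, pass the output of gpg_status() for the downloaded list and its signature as status_text; SAMPLE_STATUS only stands in for that output so the check can be exercised offline.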



Thread overview: 6+ messages
2013-03-02 19:39 webmaster
2013-03-02 21:09 ` Gavin Andresen
2013-03-03 18:55   ` Roy Badami
2013-03-03 20:02     ` Gregory Maxwell [this message]
2013-03-03 20:25       ` Roy Badami
2013-03-05 12:37     ` Roy Badami
