Re: TLS encrypted source for Debian iso signing keys?

To: debian-user@lists.debian.org
Subject: Re: TLS encrypted source for Debian iso signing keys?
From: anotst01@fastmail.fm
Date: Mon, 02 Jul 2012 14:08:08 -0700
Message-id: <[🔎] 1341263288.14324.140661096968789.42BD2B27@webmail.messagingengine.com>

I still do believe a TLS encrypted source to obtain the iso signing keys
is necessary.

What about the people who live many miles away from the next developer?
Someone living on an isle should take the next flight just to get the
gpg keys?

What about the people who are unable to meet with the next developer?
Example: Disabled ones or poor ones (journeys are expensive), etc...

The root CA's are not that bad. How many people do not get MITMed while
doing stuff like online banking... Scammers use (spear)fishing, breaks
in root CA's happen but are rare.

There are already free (as in free beer) root CA's (startssl). It won't
cost anything but requesting and installing the free certificate.
Without scarifying anything else.

-- 
http://www.fastmail.fm - IMAP accessible web-mail

Reply to:

Follow-Ups:
- Re: TLS encrypted source for Debian iso signing keys?
  - From: Roger Leigh <rleigh@codelibre.net>

Prev by Date: Re: TLS encrypted source for Debian iso signing keys?
Next by Date: Re: TLS encrypted source for Debian iso signing keys?
Previous by thread: Re: TLS encrypted source for Debian iso signing keys?
Next by thread: Re: TLS encrypted source for Debian iso signing keys?
Index(es):
- Date
- Thread