bug#22883: Trustable "guix pull"

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#22883: Trustable "guix pull"

From:	Ludovic Courtès
Subject:	bug#22883: Trustable "guix pull"
Date:	Tue, 17 May 2016 23:19:15 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Hi!

address@hidden skribis:

> But I presume there must be another reason why there's no https,

HTTPS is not the alpha and omega of security.  At best, it provides
confidentiality and allows users to authenticate the server (some
certificate authorities are corrupt though, so there’s a risk.)

Once you’ve authenticated the server, you still haven’t authenticated
the code, which is what you’re really interested in as a user.

So this is what this issue is about, and I agree it needs to be fixed
ASAP.  Your contributions are very welcome, too!  :-)

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#22883: Trustable "guix pull", fluxboks, 2016/05/16
- bug#22883: Trustable "guix pull", Thompson, David, 2016/05/16
- bug#22883: Trustable "guix pull", Ludovic Courtès <=

Prev by Date: bug#23409: unable to load free firmware
Next by Date: bug#23286: Unable to unlock xscreensaver in Xfce
Previous by thread: bug#22883: Trustable "guix pull"
Next by thread: bug#23195: GNOME help does not work
Index(es):
- Date
- Thread