httpS download of iso images
Joel Rees
joel.rees at gmail.com
Sun Feb 3 15:38:45 UTC 2019
2019年1月29日(火) 7:26、Peter He さん(linhepe at gmail.com)のメッセージ:
> Please, in the name of most Ubuntu users, who will NOT verify their
> downloaded image using GPG, make the default download from the
> official website use httpS.
>
> Thank You
>
> (Many users do not have a web of trust set up, to properly use gpg,
> but can rely on the public key infrastructure, given that public keys
> of certificate authorities are shipped with their existing OS and
> browser.)
>
Well, there is something to be said for thinking you can, I suppose.
Users should learn how to bootstrap their own web of trust rather than
relying on what appears to be from within a pile of third-party
certificates of unverifiable origin.
I'm going to voice myself of the opinion that developers should not use
their valuable time encouraging users to rely on the unreliable instead of
establishing a web of trust they can trust.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20190204/a5a662b4/attachment.html>
More information about the ubuntu-users
mailing list