On 2010/03/17 8:06 AM, Christopher Faylor wrote: > Since I haven't seen any guarantees that adding https would fix this > problem I'm not convinced that this justifies the amount of work > involved. So, until the mailing list is flooded with people who can't > download setup.exe because we don't have https access, I am satisfied > with not doing anything.
That's too bad. Using SSL would nearly eliminate the risk of a MITM delivering a bogus setup.exe in place of the real thing to some unsuspecting user. As an alternative to setting up SSL on cygwin.com, what about the idea of crypto-signing (e.g. with gnupg) every release of setup.exe, and then posting the signature alongside the binary? I know I would breathe a little easier if I were able to positively verify the authenticity of a given setup.exe binary. The public key would need to be distributed via channels other than just cygwin.com, to make it more difficult to spoof. Fortunately, there are a number of public PGP/GPG key servers to fill that purpose. -SM -- -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
