On 13-08-2014 09:04, Carlin Bingham wrote: > Are there plans to get openbsd.org serving over SSL? That would help a > bit in trusting the keys posted to the website. > No, it wouldn't. If we go down that path, DNSSEC, with all it's problems is better than SSL for this. You can get free ssl certificates these days, so the cost isn't the issue here. I do many things that the OP said, such as downloading the sig's from different mirrors, using different internet connections at different times. And even now that there are the pub keys for the next release on the install, I'll keep doing this, just to be sure.
Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
