Re: bugtracker account

2024-08-22 Thread Werner Koch via Gnupg-users
Hi, You should soon receive a confirmation mail. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein

Re: ftp down

2024-08-22 Thread Werner Koch via Gnupg-users
On Wed, 21 Aug 2024 19:09, Jacob Bachmeyer said: > configured for anonymous-only. FTP is both simple and ancient, so I Yes, the protocol is simple but most server implementations are pretty complex. That is why we settled for oftpd nearly decades ago. And as we see we are already building a fil

Re: bugtracker account

2024-08-22 Thread Nicolai Langfeldt
Thanks, it arrived before your email! On 22.08.2024 09:46, Werner Koch wrote: Hi, You should soon receive a confirmation mail. Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/g

Re: ftp down

2024-08-22 Thread Alex via Gnupg-users
Hi. On 2024-08-22 (Do.) 09:48, Werner Koch via Gnupg-users wrote: On Wed, 21 Aug 2024 19:09, Jacob Bachmeyer said: configured for anonymous-only. FTP is both simple and ancient, so I Yes, the protocol is simple but most server implementations are pretty complex. That is why we settled for o

Re: ftp down

2024-08-22 Thread Björn Persson
Jacob Bachmeyer via Gnupg-users wrote: > Unlike HTTP, FTP is /not/ subject to simple Man-on-the-Side attacks > (which motivated the rush to HTTPS) because there is no in-protocol > redirect. So FTP isn't vulnerable to that particular attack, and attackers have to resort to TCP hijacking or DNS p

Re: ftp down

2024-08-22 Thread Werner Koch via Gnupg-users
On Thu, 22 Aug 2024 14:01, Björn Persson said: > next version of GPG that way. To anyone who doesn't already have GPG, > HTTPS is the best integrity protection they will get. Not really. This does not protect the files on the server. Only the .sig and the checksums posted to several places can

Re: ftp down

2024-08-22 Thread Jacob Bachmeyer via Gnupg-users
Werner Koch wrote: On Wed, 21 Aug 2024 19:09, Jacob Bachmeyer said: configured for anonymous-only. FTP is both simple and ancient, so I Yes, the protocol is simple but most server implementations are pretty complex. That is why we settled for oftpd nearly decades ago. And as we see

Re: ftp down

2024-08-22 Thread Jacob Bachmeyer via Gnupg-users
Björn Persson wrote: Jacob Bachmeyer via Gnupg-users wrote: Unlike HTTP, FTP is /not/ subject to simple Man-on-the-Side attacks (which motivated the rush to HTTPS) because there is no in-protocol redirect. So FTP isn't vulnerable to that particular attack, ... which is important bec

Re: ftp down

2024-08-22 Thread Ineiev via Gnupg-users
On Thu, Aug 22, 2024 at 07:12:37PM -0500, Jacob Bachmeyer via Gnupg-users wrote: > > [...] > > > I would encourage resuming FTP distribution, since I see no > > > plausible security benefit to omitting it. > > > > For the download usecase, I see no plausible benefit to providing FTP > > service in

Re: ftp down

2024-08-22 Thread Ineiev via Gnupg-users
On Thu, Aug 22, 2024 at 02:01:15PM +0200, Björn Persson wrote: > > Those who already have GPG and the release-signing keys can verify the > next version of GPG that way. To anyone who doesn't already have GPG, > HTTPS is the best integrity protection they will get. Meeting Werner in person may be