On Fri, Sep 02, 2022 at 06:23:48PM +0300, Christos Zoulas wrote: > I think we should be installing the anchors by default. I also think > that people think that https gets validated by default.
Yes, this is long overdue. The current situation is vulnerable by default to MiM attacks, like malware injection into downloaded binaries. I feel bad each time I run pkg_add. -- Emmanuel Dreyfus m...@netbsd.org
