[Bro-Dev] #477: Signing releases
Bro Tracker
bro at tracker.bro-ids.org
Fri Jun 17 08:34:01 PDT 2011
#477: Signing releases
----------------------+------------------------
Reporter: robin | Owner:
Type: Problem | Status: new
Priority: Normal | Milestone: Bro1.6
Component: Bro | Version: git/master
Resolution: | Keywords:
----------------------+------------------------
Changes (by robin):
* version: => git/master
* type: Task => Problem
Comment:
On Fri, Jun 17, 2011 at 15:05 -0000, you wrote:
> Establishing trust in a PGP public key isn't always a lightweight
> operation for users, right?
Yeah, we should at least all sign they key with out private ones.
> If (maybe additionally) the webserver hosting releases has an SSL
> cert. issued by a commonly trusted CA, users will find it easier to
> just download them or verify checksums over HTTPS.
That's a good idea in any case, we should generally offer SSL access.
Does anyone have experience with getting a trustworthy cert and can
take the lead on that?
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/477#comment:1>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list