On 11 December 2015 at 02:58, Thijs van Dijk <[email protected]> wrote: > On 11 December 2015 at 05:51, Andy Bradford <[email protected]> > wrote: > >> If one wants privacy on a website then more is required than just HTTPS. >> > > Right. *I* just want a reasonable (256-bit) guarantee that the signify keys > on my screen are the ones the OpenBSD authors intended me to see. > > I currently just assume they are correct because it'd be enormously complex > to spoof the entire OpenBSD distribution, but I souldn't have to rely on > "security through effort involved". > > Remember the guy who tried to securely download PuTTY? He couldn't > <https://noncombatant.org/2014/03/03/downloading-software-safely-is-nearly-impossible/>
And I couldn't access his web-site from an OpenBSD box: % lynx -dump https://noncombatant.org/2014/03/03/downloading-software-safely-is-nearly-impossible/ Looking up noncombatant.org Making HTTPS connection to noncombatant.org SSL callback:unable to get local issuer certificate, preverify_ok=0, ssl_okay=0 Retrying connection without TLS. Looking up noncombatant.org Making HTTPS connection to noncombatant.org Alert!: Unable to make secure connection to remote host. lynx: Can't access startfile https://noncombatant.org/2014/03/03/downloading-software-safely-is-nearly-impossible/ % C.
