On Fri, Jan 03, 2014 at 04:35:46PM +0100, Mariska Koch <[email protected]> wrote:
> Can you distribute your source code (the tar.gz files) via for example
> https
What would the point of https be?
> and provide cryptographic signatures for the releases such that users
> can know that they got the software from you as and not from Mallory?
And that somehow makes it trustworthy? And how would users know that from
a signature anyway? Who would be the trust broker for the signature?
I am not convinced the added value is actually worth the effort.
--
The choice of a Deliantra, the free code+content MORPG
-----==- _GNU_ http://www.deliantra.net
----==-- _ generation
---==---(_)__ __ ____ __ Marc Lehmann
--==---/ / _ \/ // /\ \/ / [email protected]
-=====/_/_//_/\_,_/ /_/\_\
_______________________________________________
rxvt-unicode mailing list
[email protected]
http://lists.schmorp.de/cgi-bin/mailman/listinfo/rxvt-unicode
