> (The reason for this is that (many? most? all?) CAs verify authority
> by having you place a file at some HTTP path on the domain in
> question.
IME most CAs verify by emailing hostmaster/webaster@ or one of the
contacts in the WHOIS. But you're right, still subject to a MitM.
Still better than
On Sun, Mar 3, 2013 at 10:54 AM, Roy Badami wrote:
> Would be nice to have a secure page at bitcoin.org, though, rathar
> than having to go to github - certs from somewhere like Namecheap
> should cost you next to nothing. For those of us too lazy (not
> paranoid enough) to bother with GPG, a (se
On Sat, Mar 02, 2013 at 04:09:38PM -0500, Gavin Andresen wrote:
> My gpg key is on the bitcoin.org homepage:
> http://bitcoin.org/gavinandresen.asc
> which you can access securely (and see the history of) at:
> https://github.com/bitcoin/bitcoin.org/blob/master/gavinandresen.asc
Would be n
3 matches
Mail list logo
