Gregory Maxwell [ARCHIVE] on Nostr: 📅 Original date posted:2013-03-03 📝 Original message:On Sun, Mar 3, 2013 at ...
📅 Original date posted:2013-03-03
📝 Original message:On Sun, Mar 3, 2013 at 10:54 AM, Roy Badami <roy at gnomon.org.uk> wrote:
> Would be nice to have a secure page at bitcoin.org, though, rathar
> than having to go to github - certs from somewhere like Namecheap
> should cost you next to nothing. For those of us too lazy (not
> paranoid enough) to bother with GPG, a (secure) page on bitoin.org
> with the MD5 hashes of the binaries would be awesome...
While I think that it's silly that we don't have a HTTPS (only!) page,
it should be noted that an HTTPS page is in no way a replacement for
GPG, sadly: Anyone who can MITM the server to the whole internet can
trivially obtain a fraudulent cert with only moderate cost and time.
(The reason for this is that (many? most? all?) CAs verify authority
by having you place a file at some HTTP path on the domain in
question. Effectively the current CA model only prevents those from
intercepting who cannot intercept the traffic generally. Basically
only helps with the evil hotspot/tor_exit problem.)
📝 Original message:On Sun, Mar 3, 2013 at 10:54 AM, Roy Badami <roy at gnomon.org.uk> wrote:
> Would be nice to have a secure page at bitcoin.org, though, rathar
> than having to go to github - certs from somewhere like Namecheap
> should cost you next to nothing. For those of us too lazy (not
> paranoid enough) to bother with GPG, a (secure) page on bitoin.org
> with the MD5 hashes of the binaries would be awesome...
While I think that it's silly that we don't have a HTTPS (only!) page,
it should be noted that an HTTPS page is in no way a replacement for
GPG, sadly: Anyone who can MITM the server to the whole internet can
trivially obtain a fraudulent cert with only moderate cost and time.
(The reason for this is that (many? most? all?) CAs verify authority
by having you place a file at some HTTP path on the domain in
question. Effectively the current CA model only prevents those from
intercepting who cannot intercept the traffic generally. Basically
only helps with the evil hotspot/tor_exit problem.)