Opened 2 years ago
Closed 9 months ago
#203 closed task (wontfix)
Buy SSL certs for keys.qubes-os.org and wiki.qubes-os.org
| Reported by: | joanna | Owned by: | joanna |
|---|---|---|---|
| Priority: | minor | Milestone: | Release 1 |
| Component: | other | Keywords: | |
| Cc: |
Description
Change History (3)
comment:1 Changed 2 years ago by joanna
- Component changed from core to other
- Priority changed from major to minor
comment:2 Changed 2 years ago by joanna
- Milestone changed from Release 1 Beta 2 to Release 1.0
comment:3 Changed 9 months ago by joanna
- Resolution set to wontfix
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
After thinking about it, I decided against buying the cert, for the following reasons:
1) As we still serve our ISOs from Amazon S3 systems (over which we have absolutely no control), the fact that we had an SSL cert for qubes-os.org would not change the fact that user would still need to verify signatures on the downloaded ISOs,
2) The certificate could only make it more convenient to verify our signing key (for ISO verification), but I'm afraid that this would discourage users from verifying the keys using 3rd party sites, such as qubes-devel archives, etc. At the same time, putting a private SSL key on our webserver (and now trusting it for our key verification) is something I would like to avoid. So far we managed to avoid the need to put _any_ trust into servers, and I like this to stay this way.
3) Wiki is not security sensitive, users other than Qubes core developers cannot log in there anyway, and so there is little benefit of protecting it with SSL certs.
More discussion on this topic here:
https://groups.google.com/forum/?fromgroups=#!topic/qubes-devel/hSj9IED8Z9g