[Haskell-cafe] [Security] Put haskell.org on https

Changaco changaco at changaco.net
Sun Oct 28 21:38:12 CET 2012


On Sun, 28 Oct 2012 17:46:10 +0100 Petr P wrote:
> In this particular case, cabal can have the public part of the
> certificate built-in (as it has the web address built in). So once one
> has a verified installation of cabal, it can verify the server
> packages without being susceptible to MitM attack (no matter if
> they're PGP signed or X.509 signed).

This is PGP's security model, so it's probably better to use PGP keys.



More information about the Haskell-Cafe mailing list