|
|
|
|
|
|
by dgreisen
2767 days ago
|
|
|
Even if the canonical copy were hosted on the Council's website, you would still be trusting the hosting provider, the DNS system, and the certificate authority - all private entities. What is needed is cryptographic authentication so that the git servers can be completely untrusted. This is also necessary to comply with the Uniform Electronic Legal Material Act (adopted by DC here: https://code.dccouncil.us/dc/council/code/titles/2/chapters/...). We will be rolling out such a system based on TUF in Q1 2019. |
|
|
Regardless, I would expect hosting, authoritative DNS and certificate to all be handled by the government itself. It's not a startup that's getting free vouchers for AWS to burn, public infrastructure should be either handled internally, or via some public auction on government's terms.