|
|
|
|
|
|
by ninjin
682 days ago
|
|
|
Thank you, that one cracked me up. Pardon my potential ignorance, but as someone that usually does the right thing security-wise, is there really much of an advantage to signify(1) and Sha256 if we are pulling the key and hash over the same HTTPS connection as what we are about to verify? It is not like with sysupgrade(8) where we have a trusted key already on disk. |
|
|
If you're just relying on HTTPS alone it means you're essentially trusting the certificate store that Hetzner put there for you.