Y
Hacker News
new
|
ask
|
show
|
jobs
by
gruez
52 days ago
That's the whole problem. There's no way to verify the authenticity of a release aside from "getting it from a trusted source" or whatever, whereas digital signatures would easily solve this issue.