HTTPS/TLS support + package signature


#1

Hi

Would it be possible to enable https / tls on the website and on the forums?

That would allow people to have a tidy little bit of privacy when communicating here, which is a must for a project like tribler.

It would take only a few minutes to set up.Wosign offer free certificates if money is an issue (though signed certs are usually pretty cheap nowadays).

I believe it would make technical people more comfortable getting involved on this forums.

Also, could you please sign your packages (using gnupg) and/or at least provide a sha256sum on a secure website?

Thanks!


#2

The site already has https (though it seems to need some overhaul), I’ve just asked The Boss™ to buy a cert for the forums too.

The current RCs are already come with a PGP armored SHA1.txt file (I started doing this after the last stable release, but all pre/releases are going to be signed from now on)

I’ve also added the public key to the github repo so it can be easily verified but I should also make it available from an https host controlled by us for the extra-cautious.

Thanks for the suggestions/reminders! :slight_smile: