[openstack-dev] [Horizon] the future of angularjs development in Horizon
Jeremy Stanley
fungi at yuggoth.org
Fri Nov 14 19:39:33 UTC 2014
On 2014-11-15 02:57:15 +0800 (+0800), Thomas Goirand wrote:
[...]
> Do you realize that with the TLS system, you have to trust every
> and all CA, while with PGP, you only need to trust a single
> fingerprint?
[...]
Technically not true *if* the package retrieval tools implement
certificate pinning rather than trusting any old CA (after all,
they're not Web browsers, so they could in theory do that with
minimal impact).
Too bad https://github.com/pypa/pip/issues/1168 hasn't gotten much
traction.
--
Jeremy Stanley
More information about the OpenStack-dev
mailing list