Short GPG HOWTO and Re: hackage, cabal-get, and security
Isaac Jones
ijones at syntaxpolice.org
Tue May 17 14:12:57 EDT 2005
Shae Matijs Erisson <shae at ScannedInAvian.com> writes:
> Isaac Jones <ijones at syntaxpolice.org> writes:
>
>> How does one generate a signed SSL certificate? It's very costly, isn't it?
>
> It's free to generate a self-signed certificate, but that doesn't help much.
> As you suggest later in this email, there could be a CA on haskell.org.
But how do you configure your browser / client to trust that
certificate? I guess in web browsers it usually tells you that it's
signed by an unknown CA, do you want to trust it, then you can click
through.
Presumably for SSL you either need to:
- Buy an expensive certificate from a known CA (maybe there are free /
cheap ones?)
- Trust any old certificate that comes along
- Build a web of trust for signing certificates, just the same as for
gpg. Is there a way to do this? GPG has built-in ways to do this,
does SSL?
Thanks for the GPG HOWTO!
peace,
isaac
More information about the Libraries
mailing list