Author: Drak 2013-12-08 10:00:35
Published on: 2013-12-08T10:00:35+00:00
The author of the email highlights the importance of using SSL certificates to prevent attackers from changing the contents of a page via MITM. Recent studies have shown that there is a massive abuse of the BGP routing protocol being used to redirect websites through a third party, which could be used to divert users to rogue versions of software. The only way to mitigate these MITMs is to use SSL. In addition, the author suggests hosting Bitcoin Qt software at Github instead of Sourceforge because it has a releases feature where you can upload a packaged release and no adverts. Many people feel that Github is more trustworthy than Sourceforge and it makes sense to have the downloads where the source is developed. Regarding the idea of moving bitcoin.org on a dedicated server with an SSL certificate, the author mentions possible issues related to CA and DigiCert certificate. Currently, bitcoin.org shows as 'not verified' and 'not encrypted'. The author suggests further decentralizing the content of bitcoin.org by thinking about how many mirrors are there of bitcoin.org? The author also brings up Tahoe-LAFS and .bit stuff (namecoin) as examples of how to decentralize something. Overall, the email highlights the importance of using SSL certificates and suggests moving the Bitcoin Qt software to Github instead of Sourceforge. The author also suggests further decentralizing the content of bitcoin.org by using mirrors or other methods.
Updated on: 2023-06-07T22:05:17.799697+00:00