[tex-live] New installer GUI

Norbert Preining preining at logic.at
Wed Nov 21 16:17:58 CET 2018

On Wed, 21 Nov 2018, Zdenek Wagner wrote:
> it does not have the same strength as web servers certificate. Thus
> you can receive a mail signed digitally by Humpty Dumpty, his public
> key will be signed by Mock Turtle, Cheshire Cat, and Mad Hatter, but
> how can you know who really sent the mail if the sender e-mail address
> is forged and you cannot match the key fingerprint to a person you
> know?

Web of trust. It is the old - very old - discussion between whom you
trust more: a central authority (hoh hoh, breaches of CA have been far
and wide) or a web of trust (this guy's key has been signed by a guy I

I prefer the later one, I prefer non-centralized single-point-of-failure
security. You say that "web server certificates are stronger", which I
strongly disagree.

Simple question: which software release is signed with a ssl certificate
instead of a pgp/gpg certificate? At least in the OSS world I don't know
of any.


PREINING Norbert                               http://www.preining.info
Accelia Inc.     +    JAIST     +    TeX Live     +    Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

More information about the tex-live mailing list