This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: include SHA1/MD5 hash/digest of setup.exe, and HTTPS
On 2012-09-27 17:22, James Johnston wrote:
This is just as pointless as serving over plaintext HTTP and creates a
false illusion of security.
And in the words of Linus Torvalds: "The perfect is the enemy of the good".
(Not actually originally by him, but he probably carries more weight
around here)
More security, imperfect though it may be, is always better.
If nothing else, it raises the bar and ensures that you attract a better
class of criminal :-)
If we insisted on running perfect stuff, none of us would be using
Windows in the first place.
Regards, Noel Grandin
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple