[liberationtech] secure download tool - doesn't exist?!?
Martin Uecker
uecker at eecs.berkeley.edu
Mon Jul 1 18:22:57 PDT 2013
Jonathan Wilkes <jancsika at yahoo.com>:
> On 07/01/2013 07:22 PM, Martin Uecker wrote:
> > Jacob Appelbaum <jacob at appelbaum.net> wrote:
> >
> > ...
> >
> >> We need a secure downloading tool, we need it to be built into every OS
> >> by default and until then, we'll have to rely on tricks to hack it -
> >> preloading certs in browsers, having a website to download it from and
> >> so on.
> >>
> > What we need are backwards compatible self-certifying URLs or hyperlinks,
> > e.g. something like this:
> >
> > <a href="./mysoftware.tgz" hmac="sha1:da19d18ef86f4fb8fe8b61323806ec1764f9bf00">My software</a>
> > <a href="./mysoftware.tgz#sha1:da19d18ef86f4fb8fe8b61323806ec1764f9bf00">My software</a>
>
> https://en.wikipedia.org/wiki/Magnet_link
I know. I really like Magnet links. The catch: I don't think that
there is a change that they will be widely used, because they are
not backwards compatible. Being associated with file sharing will
also not help.
Martin
> >
> > And something similar to specify a public key.
>
> Magnet links have a supplement format where you could put the public key.
>
> -Jonathan
>
> >
> > This would need to be standardized and supported by all major browsers.
> >
> > Martin
> >
> >
> > --
> > Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
More information about the liberationtech
mailing list