[Qgis-psc] [SAC] Osgeo Code signing certificates
Sandro Santilli
strk at keybit.net
Wed Apr 20 03:54:25 PDT 2016
On Wed, Apr 20, 2016 at 04:39:03AM -0600, Larry Shaffer wrote:
> Hi,
>
> If the OSGeo is considering taking the following stances...
Larry, it looks like you misunderstood my stances completely.
> * referring to the industry standard practice of code-signing, which
> protects the user from anyone tampering with software they are installing
> or have installed, as something that needs a workaround;
I've nothing against code-signing, but I think the user needs to be
able to decide who to trust.
> * that the default security practices and implementations on major OSes is
> somehow evil to their users, and that the users need protected from such
> losses of freedom;
It is evil if an OS enforces what's good or bad to a user.
Not evil if the user decides who to trust.
> * that the OSGeo needs to train users on how to circumvent these default
> security protections;
OSGeo needs to train users on how to tell their OS to trust OSGeo,
> then an anti-reality warp is in effect, which will only hurt users who
> actually just want to use the open-source software.
Users that just want to use open-source software should be able to
do so w/out their OS fighting against that. If any OS is fighting,
OS advocates should fight back.
--strk;
More information about the Qgis-psc
mailing list