| ▲ | justinclift 2 days ago |
| Sure, but if they're hosting it on their own site then who's to know it hasn't been modified by them for some reason? ie it's no longer a "source of truth" |
|
| ▲ | 8n4vidtmkvmk 2 days ago | parent [-] |
| Post the checksum J/K. Court should maybe GPG sign it though.. something like that. So we can verify the creator of any particular document. |
| |
| ▲ | madaxe_again 2 days ago | parent [-] | | Who is this for though? Your average user would not be able to use it or understand the purpose of it. A big image of a padlock with a tick saying “SECURE AND VERIFIED” would be just as effective. | | |
| ▲ | hdjrudni a day ago | parent | next [-] | | Have to start somewhere. Especially in this age of AI where everything can be faked. Put a "learn more" link that says how they can verify the authenticity. If people aren't interested in learning, that's on them. A padlock doesn't tell you anything. The padlock next the URL just says the connection is encrypted. You used to be able to pay $200 and the cert authority would make you send documents proving you are who you say you are, and it'd show your company name next to the address bar. I went through the process once. It was a good idea IMO, not sure why we got rid of it. Maybe shiesty authorities that weren't doing their due diligence. | |
| ▲ | justinrubek 2 days ago | parent | prev [-] | | The average user doesn't understand TLS but they use it. The average user doesn't understand TCP but they still use it. That doesn't sound like a problem to me. Having signed documents isn't a bad thing. |
|
|
