benchloftbrunch 3 days ago
As long as you're OK with self-signed certificates or PGP keys, I'd be on board with this. I really, really dislike the idea of using TLS certificates as we know them for this purpose, because the certificate authority system is too centralized, hierarchical, and bureaucratic, tightly coupled to the DNS. That system is great for the centralized, hierarchical, bureaucratic enterprises who designed it in the 90s, but would be a pain in the ass for a solo developer, especially with the upcoming change to 45-day lifetimes.
lelanthran 3 days ago
> As long as you're OK with self-signed certificates or PGP keys, I'd be on board with this.

I am with PGP but more wary of self-signed certs, though even self-signed certs allow mass revocation of packages when an author's cert is compromised.