23197 – release archive page is not http secure

D issues are now tracked on GitHub. This Bugzilla instance remains as a read-only archive.

Issue 23197 - release archive page is not http secure

Summary: release archive page is not http secure

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	D
Classification:	Unclassified
Component:	dlang.org (show other issues)
Version:	D2
Hardware:	All All

Importance:	P3 normal
Assignee:	No Owner

URL:
Keywords:

Depends on:
Blocks:

Reported:	2022-06-20 12:05 UTC by basile-z
Modified:	2022-12-20 22:38 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.

Description basile-z 2022-06-20 12:05:37 UTC

the page https://dlang.org/download.html contains the archive link 
http://downloads.dlang.org/ which is not secure. All links in there, secpecially http://downloads.dlang.org/releases/2.x/,  are not secure either, including signatures.

Comment 1 anonymous4 2022-06-20 13:19:00 UTC

By secure you mean confidential? Authenticity of asymmetric signatures relies on secrecy of signer's private key, not on confidentiality of signature itself.

Comment 2 basile-z 2022-06-20 13:20:34 UTC

cmon ;) you know what I mean. https.