This is absolutely, entirely wrong. It's so wrong that I need to wonder why you don't even realize you're wrong. A HTTP website with my GPG-signed data is _more_ secure than an HTTPS website. Relying on a CA is not the…
Somebody better warn the Debian maintainers that their packages have been Not Secure for the past decade-or-more.
This is absolutely, entirely wrong. It's so wrong that I need to wonder why you don't even realize you're wrong. A HTTP website with my GPG-signed data is _more_ secure than an HTTPS website. Relying on a CA is not the…
Somebody better warn the Debian maintainers that their packages have been Not Secure for the past decade-or-more.