yep, it's out of date. three cheers for "security" in ruby. https://github.com/geemus/excon/blob/master/data/cacert.pem … this thing powers fog. trust your servers now?
@raggi @halorgium placing certs in a gem is pointless until RubyGems has a signing system. It just adds attack surface
-
-
@bascule@halorgium yeah, lets get into that shit and make me want to quit ruby even more -
@raggi@halorgium rofl, I keep meaning to spike out full PKI for RubyGems signing, or at least describe a strawman -
@bascule@halorgium just implement tuf -
@raggi@halorgium heh, could try! I can't say I really understand it -
@bascule@halorgium start at the top
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.