Hello Lew, Allow me to give you two answers: Lazy (executive?) answer: if you want guarantees go with a commercial distro like SLES. Not so lazy one: are you concerned about authoritative DNS highjacking just in time for the renewal? Regards, CI. El dom., 25 de junio de 2023 16:18, Lew Wolfgang <wolfgang@sweet-haven.com> escribió:
Hi Folks,
I'm sure this isn't the right list for this question, but it will have to do.
In downloading the Leap 15.5 ISO I noticed that the TLS cert is issued by Let's Encrypt. This is rather concerning considering all the current supply-chain security issues.
Does Let's Encrypt still use a one-step domain verification process? If so, how can it really be trusted for something as important as an operating system? How can we be sure we're not downloading malware without strong domain verification of the source?
Regards, Lew