[libre-riscv-dev] web-of-trust for code reviews to manage trusting dependencies

[Luke Kenneth Casson Leighton]

https://wiki.mozilla.org/Apps/Security/Distribution

I found the location to which the security audit and design contributions -
some of them - had been pathologically shunted and ignored by Mozilla B2G.

I found out later that Mozilla has a decades long standing track record of
ignoring security advice by experts.

I provided *seven* extremely important reasons why SSL is a failure for use
as a package distribution method.

Response: SSL was used as the B2G package distribution method.

Fortunately, B2G was a failure due to excessive CPU utilisation, down to
overdesign and reliance on javascript bindings to latency-sensitive APIs.

whoops :)

L.



-- 
---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68