Board: FB_security
Title: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]
Posted from: NCTU CS FreeBSD Server (Wed Nov 21 14:18:13 2012)
Relay path: ptt!csnews.cs.nctu!news.cs.nctu!.cs.nctucs.nctu!.org!ownorg!owner-free
On 21/11/2012 03:37, Mark Andrews wrote:
>> The certificates are self-signed. Whilst the hashes are published on
>> the FreeBSD website, that site is only available via HTTP so there's
>> still a bootstrap issue - which I don't have a general solution for.
> See DANE, RFC 6698.
Which means getting the FreeBSD.org domain signed using DNSSEC.
Something I'd be very happy to see.
Cheers,
Matthew
-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey