http://blog.sonatype.com/2014/07/ssl_connectivity_for_central/
--Brian (mobile) > On Jul 28, 2014, at 11:06 PM, Brian Fox <[email protected]> wrote: > > We are already in the process of making this open for free to > everyone. Way back in 2012 the CDN situation was different but we just > renewed the contract and and ssl is part of it. Once this is setup, we > should consider changing the superpom to use ssl by default. > > Obviously doing something to validate pgp signatures is even better. > >> On Mon, Jul 28, 2014 at 10:14 PM, Mark Derricutt <[email protected]> wrote: >> Hey all, >> >> Just been reading [1] after it was mentioned in both #scala and #clojure on >> irc.freenode.org now, is there anything that can be done to alleviate some >> of these issues? >> >> oss.sonatype.org now requires everything to be GPG signed before being >> uploaded to central, but I'm not sure about any of the other means of >> getting artifacts uploaded. >> >> Are there any plugins out there to verify GPG signings of dependencies? >> >> Something to discuss on the dev-hangout maybe? >> >> >> [1] https://news.ycombinator.com/item?id=8099713 >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >>
