23 Mar
2022
23 Mar
'22
2:57 p.m.
I was trying to do an install/build on my Fedora 23 development system, which, admittedly,
is old. My python version was too old. I decided to get the latest Fedora and upgrade
things. When I tried to initiate the download I received an invalid certificate error.
Really. Considering what I'm downloading, I decided not to override.
Anyone else seen this? I consider this a sign of rapidly approaching death, most of the
time. Also, I couldn't find the usual "spins" option for the download. I
like to use XFCE.
For now, I'm going to python.org and taking my chances there.
-Gary
23 Mar
23 Mar
5:48 p.m.
Quoting Gary (saclug(a)garymcglinn.com):
I was trying to do an install/build on my Fedora 23
development
system, which, admittedly, is old. My python version was too old. I
decided to get the latest Fedora and upgrade things. When I tried to
initiate the download I received an invalid certificate error.
Really. Considering what I'm downloading, I decided not to override.
Fedora Project is here:
https://getfedora.org/
I don't see any site-certificate problems, but frankly for a distro ISO
you ought to check SHA256SUMs and their PGP signatures. (Whether the
site SSL cert is attested by Certificate Authorities is not the relevant
question.) On that site, I see download links for three official
editions (Server, Workstation, and IoT) and two "Emerging Editions"
(CoreOS and Silverblue).
I test-downloaded Fedora-Workstation-Live-x86_64-35-1.2.iso . They make
it hard to find the files to verify download -- which IMO is pretty
irresponsible. To find them, you have to follow the "learn more' link,
then the Download tab, then scroll way down to the bottom-left where
they have
We take security seriously.
Once you have downloaded an image, be sure to verify it for both
security and integrity.
Verify your download. [link]
Hey, RHAT assclowns! If you took security seriously, you would make
these details as prominent as the ISO downloads.
Anyway, following all those links takes you finally to
https://getfedora.org/en/security/ , where (finally) there are checksums
for various things and access to the Fedora signing keyring and a
reminder of how to use that.
Anyone else seen this? I consider this a sign of
rapidly approaching
death, most of the time. Also, I couldn't find the usual "spins"
option for the download. I like to use XFCE.
"Spins" have apparently been fobbed off onto a separate site,
https://spins.fedoraproject.org/xfce/
That site displays the same irresponsibility about verification
information, it being banished to a hidden-away "Verify your Download!"
page.
10:21 p.m.
The getfedora.org site looks amazingly similar to the fedoraproject.org site. But
apparently the certificates are better maintained. I ended up doing my download, which is
still in progress, from the spins.fedoraproject.org site.
Thanks for the help and info.
Python3 compiled very nicely. But it wouldn't do much because the old openssl
didn't have all the api's it needed. Which I experience first and then found in
the configure messages. I could see this was going to be a pointless rabbit hole. Which
is usually the case.
I think I was fairly smart about my partitioning last time, so I'm hoping I can just
upgrade the system partition and won't have to export and import much.
I'll have to reinstall stuff, so I'll dump my history first.
-Gary
On Wed, Mar 23, 2022 at 10:48:05AM -0700, Rick Moen wrote:
Quoting Gary (saclug(a)garymcglinn.com):
I was trying to do an install/build on my Fedora
23 development
system, which, admittedly, is old. My python version was too old. I
decided to get the latest Fedora and upgrade things. When I tried to
initiate the download I received an invalid certificate error.
Really. Considering what I'm downloading, I decided not to override.
Fedora Project is here:
https://getfedora.org/
I don't see any site-certificate problems, but frankly for a distro ISO
you ought to check SHA256SUMs and their PGP signatures. (Whether the
site SSL cert is attested by Certificate Authorities is not the relevant
question.) On that site, I see download links for three official
editions (Server, Workstation, and IoT) and two "Emerging Editions"
(CoreOS and Silverblue).
I test-downloaded Fedora-Workstation-Live-x86_64-35-1.2.iso . They make
it hard to find the files to verify download -- which IMO is pretty
irresponsible. To find them, you have to follow the "learn more' link,
then the Download tab, then scroll way down to the bottom-left where
they have
We take security seriously.
Once you have downloaded an image, be sure to verify it for both
security and integrity.
Verify your download. [link]
Hey, RHAT assclowns! If you took security seriously, you would make
these details as prominent as the ISO downloads.
Anyway, following all those links takes you finally to
https://getfedora.org/en/security/ , where (finally) there are checksums
for various things and access to the Fedora signing keyring and a
reminder of how to use that.
Anyone else seen this? I consider this a sign of
rapidly approaching
death, most of the time. Also, I couldn't find the usual "spins"
option for the download. I like to use XFCE.
"Spins" have apparently been fobbed off onto a separate site,
https://spins.fedoraproject.org/xfce/
That site displays the same irresponsibility about verification
information, it being banished to a hidden-away "Verify your Download!"
page.
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com 
10:29 p.m.
The https://getfedora.org/ site shows a valid certificate for me.
Maybe you have an old browser that doesn't have the current certificate
authorities?
Brian
On Wed, Mar 23, 2022 at 03:21:02PM -0700, Gary wrote:
The getfedora.org site looks amazingly similar to the
fedoraproject.org site. But apparently the certificates are better maintained. I ended
up doing my download, which is still in progress, from the spins.fedoraproject.org site.
Thanks for the help and info.
Python3 compiled very nicely. But it wouldn't do much because the old openssl
didn't have all the api's it needed. Which I experience first and then found in
the configure messages. I could see this was going to be a pointless rabbit hole. Which
is usually the case.
I think I was fairly smart about my partitioning last time, so I'm hoping I can just
upgrade the system partition and won't have to export and import much.
I'll have to reinstall stuff, so I'll dump my history first.
-Gary
On Wed, Mar 23, 2022 at 10:48:05AM -0700, Rick Moen wrote:
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
Quoting Gary (saclug(a)garymcglinn.com):
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com I was trying to do an install/build on my Fedora
23 development
system, which, admittedly, is old. My python version was too old. I
decided to get the latest Fedora and upgrade things. When I tried to
initiate the download I received an invalid certificate error.
Really. Considering what I'm downloading, I decided not to override.
Fedora Project is here:
https://getfedora.org/
I don't see any site-certificate problems, but frankly for a distro ISO
you ought to check SHA256SUMs and their PGP signatures. (Whether the
site SSL cert is attested by Certificate Authorities is not the relevant
question.) On that site, I see download links for three official
editions (Server, Workstation, and IoT) and two "Emerging Editions"
(CoreOS and Silverblue).
I test-downloaded Fedora-Workstation-Live-x86_64-35-1.2.iso . They make
it hard to find the files to verify download -- which IMO is pretty
irresponsible. To find them, you have to follow the "learn more' link,
then the Download tab, then scroll way down to the bottom-left where
they have
We take security seriously.
Once you have downloaded an image, be sure to verify it for both
security and integrity.
Verify your download. [link]
Hey, RHAT assclowns! If you took security seriously, you would make
these details as prominent as the ISO downloads.
Anyway, following all those links takes you finally to
https://getfedora.org/en/security/ , where (finally) there are checksums
for various things and access to the Fedora signing keyring and a
reminder of how to use that.
Anyone else seen this? I consider this a sign of
rapidly approaching
death, most of the time. Also, I couldn't find the usual "spins"
option for the download. I like to use XFCE.
"Spins" have apparently been fobbed off onto a separate site,
https://spins.fedoraproject.org/xfce/
That site displays the same irresponsibility about verification
information, it being banished to a hidden-away "Verify your Download!"
page.
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com
10:37 p.m.
Well, maybe, but spins.fedoraproject.org was fine with it. It was fedoraproject.org that
had issues.
Hopefully I'll be upgraded to 35 soon.
-Gary
On Wed, Mar 23, 2022 at 03:29:48PM -0700, Brian E. Lavender wrote:
The https://getfedora.org/ site shows a valid
certificate for me.
Maybe you have an old browser that doesn't have the current certificate
authorities?
Brian
On Wed, Mar 23, 2022 at 03:21:02PM -0700, Gary wrote:
The getfedora.org site looks amazingly similar to
the fedoraproject.org site. But apparently the certificates are better maintained. I
ended up doing my download, which is still in progress, from the spins.fedoraproject.org
site.
Thanks for the help and info.
Python3 compiled very nicely. But it wouldn't do much because the old openssl
didn't have all the api's it needed. Which I experience first and then found in
the configure messages. I could see this was going to be a pointless rabbit hole. Which
is usually the case.
I think I was fairly smart about my partitioning last time, so I'm hoping I can just
upgrade the system partition and won't have to export and import much.
I'll have to reinstall stuff, so I'll dump my history first.
-Gary
On Wed, Mar 23, 2022 at 10:48:05AM -0700, Rick Moen wrote:
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com Quoting Gary (saclug(a)garymcglinn.com):
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com I was trying to do an install/build on my Fedora
23 development
system, which, admittedly, is old. My python version was too old. I
decided to get the latest Fedora and upgrade things. When I tried to
initiate the download I received an invalid certificate error.
Really. Considering what I'm downloading, I decided not to override.
Fedora Project is here:
https://getfedora.org/
I don't see any site-certificate problems, but frankly for a distro ISO
you ought to check SHA256SUMs and their PGP signatures. (Whether the
site SSL cert is attested by Certificate Authorities is not the relevant
question.) On that site, I see download links for three official
editions (Server, Workstation, and IoT) and two "Emerging Editions"
(CoreOS and Silverblue).
I test-downloaded Fedora-Workstation-Live-x86_64-35-1.2.iso . They make
it hard to find the files to verify download -- which IMO is pretty
irresponsible. To find them, you have to follow the "learn more' link,
then the Download tab, then scroll way down to the bottom-left where
they have
We take security seriously.
Once you have downloaded an image, be sure to verify it for both
security and integrity.
Verify your download. [link]
Hey, RHAT assclowns! If you took security seriously, you would make
these details as prominent as the ISO downloads.
Anyway, following all those links takes you finally to
https://getfedora.org/en/security/ , where (finally) there are checksums
for various things and access to the Fedora signing keyring and a
reminder of how to use that.
Anyone else seen this? I consider this a sign of
rapidly approaching
death, most of the time. Also, I couldn't find the usual "spins"
option for the download. I like to use XFCE.
"Spins" have apparently been fobbed off onto a separate site,
https://spins.fedoraproject.org/xfce/
That site displays the same irresponsibility about verification
information, it being banished to a hidden-away "Verify your Download!"
page.
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com
10:52 p.m.
I think you are definitely on the right path to upgrade to F35. I use
XFCE on one of my computers too! I think it's a good spin. I believe you
might be able to install with regular media and change the desktop
environment. The #fedora irc channel is pretty good too!
Check #fedora on libera.chat
irc.libera.chat
Brian
On Wed, Mar 23, 2022 at 03:37:56PM -0700, Gary wrote:
Well, maybe, but spins.fedoraproject.org was fine with
it. It was fedoraproject.org that had issues.
Hopefully I'll be upgraded to 35 soon.
-Gary
On Wed, Mar 23, 2022 at 03:29:48PM -0700, Brian E. Lavender wrote:
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
The https://getfedora.org/ site shows a valid
certificate for me.
Maybe you have an old browser that doesn't have the current certificate
authorities?
Brian
On Wed, Mar 23, 2022 at 03:21:02PM -0700, Gary wrote:
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com The getfedora.org site looks amazingly similar to
the fedoraproject.org site. But apparently the certificates are better maintained. I
ended up doing my download, which is still in progress, from the spins.fedoraproject.org
site.
Thanks for the help and info.
Python3 compiled very nicely. But it wouldn't do much because the old openssl
didn't have all the api's it needed. Which I experience first and then found in
the configure messages. I could see this was going to be a pointless rabbit hole. Which
is usually the case.
I think I was fairly smart about my partitioning last time, so I'm hoping I can just
upgrade the system partition and won't have to export and import much.
I'll have to reinstall stuff, so I'll dump my history first.
-Gary
On Wed, Mar 23, 2022 at 10:48:05AM -0700, Rick Moen wrote:
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com Quoting Gary (saclug(a)garymcglinn.com):
> I was trying to do an install/build on my Fedora 23 development
> system, which, admittedly, is old. My python version was too old. I
> decided to get the latest Fedora and upgrade things. When I tried to
> initiate the download I received an invalid certificate error.
> Really. Considering what I'm downloading, I decided not to override.
Fedora Project is here:
https://getfedora.org/
I don't see any site-certificate problems, but frankly for a distro ISO
you ought to check SHA256SUMs and their PGP signatures. (Whether the
site SSL cert is attested by Certificate Authorities is not the relevant
question.) On that site, I see download links for three official
editions (Server, Workstation, and IoT) and two "Emerging Editions"
(CoreOS and Silverblue).
I test-downloaded Fedora-Workstation-Live-x86_64-35-1.2.iso . They make
it hard to find the files to verify download -- which IMO is pretty
irresponsible. To find them, you have to follow the "learn more' link,
then the Download tab, then scroll way down to the bottom-left where
they have
We take security seriously.
Once you have downloaded an image, be sure to verify it for both
security and integrity.
Verify your download. [link]
Hey, RHAT assclowns! If you took security seriously, you would make
these details as prominent as the ISO downloads.
Anyway, following all those links takes you finally to
https://getfedora.org/en/security/ , where (finally) there are checksums
for various things and access to the Fedora signing keyring and a
reminder of how to use that.
> Anyone else seen this? I consider this a sign of rapidly approaching
> death, most of the time. Also, I couldn't find the usual "spins"
> option for the download. I like to use XFCE.
"Spins" have apparently been fobbed off onto a separate site,
https://spins.fedoraproject.org/xfce/
That site displays the same irresponsibility about verification
information, it being banished to a hidden-away "Verify your Download!"
page.
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com
_______________________________________________
Lug-nuts mailing list -- lug-nuts(a)bigbrie.com
To unsubscribe send an email to lug-nuts-leave(a)bigbrie.com
24 Mar
24 Mar
2:32 a.m.
Quoting Gary (saclug(a)garymcglinn.com):
Well, maybe, but spins.fedoraproject.org was fine with
it. It was fedoraproject.org that had issues.
FWIW, that's still puzzling, because...
http://fedoraproject.org/ or https://fedoraproject.org/ does an
automatic HTTP 302 redirect to https://getfedora.org/
1018
days inactive
1019
days old
6 comments
3 participants
participants (3)
-
Brian E. Lavender -
Gary -
Rick Moen