equal
deleted
inserted
replaced
369 <chapter> |
369 <chapter> |
370 <name>Network interactions</name> |
370 <name>Network interactions</name> |
371 <id>d3edb71b-8668-4290-a669-19694956e3aa</id> |
371 <id>d3edb71b-8668-4290-a669-19694956e3aa</id> |
372 <item> |
372 <item> |
373 <id>c967092e-09e9-4c68-90bf-aa8cb441f7dc</id> |
373 <id>c967092e-09e9-4c68-90bf-aa8cb441f7dc</id> |
374 <text>no network connection is needed during build – build must be possible completely offline, all dependencies must be downloadable and documented including secure hashes or better cryptographic signatures</text> |
374 <text>no network connection is needed during build – build must be possible completely offline, all dependencies must be downloadable and documented including secure hashes or preferably cryptographic signatures</text> |
375 </item> |
375 </item> |
376 <item> |
376 <item> |
377 <id>b5515d33-1531-4361-8baf-a99ca461e763</id> |
377 <id>b5515d33-1531-4361-8baf-a99ca461e763</id> |
378 <text>if dependencies are optionally automatically downloaded during/before build, the packaging system must cryptographically verify that that they are undamaged</text> |
378 <text>if dependencies are optionally automatically downloaded during/before build, the packaging system must cryptographically verify that that they are undamaged</text> |
379 </item> |
379 </item> |
484 <id>d5fbcc9e-a12c-44ce-909b-f514a579ab7e</id> |
484 <id>d5fbcc9e-a12c-44ce-909b-f514a579ab7e</id> |
485 <text>JavaScript or other code executed on client computers must be also free software with properly declared license.</text> |
485 <text>JavaScript or other code executed on client computers must be also free software with properly declared license.</text> |
486 <note>see https://www.gnu.org/software/librejs/</note> |
486 <note>see https://www.gnu.org/software/librejs/</note> |
487 </item> |
487 </item> |
488 <item> |
488 <item> |
|
489 <id>e02c3fba-93f3-4f16-bd23-f49a203e40bc</id> |
|
490 <text>The website should not require a modern complex browser for basic tasks like reading the documentation, downloading a release or submitting a bug report.</text> |
|
491 <text>Such tasks should be feasible even with simple text browsers (e.g. Lynx or Links2).</text> |
|
492 <note>Modern browsers consists of 20 or 25 millions lines of code. Requiring such complex software for basic tasks is not reasonable.</note> |
|
493 </item> |
|
494 <item> |
489 <id>c89e8699-574c-4b28-9f65-6284d6051f68</id> |
495 <id>c89e8699-574c-4b28-9f65-6284d6051f68</id> |
490 <text>There must be a crpyptographically secured (GnuPG/OpenPGP or X.509) e-mail address or a secure web form for receiving security vulnerabilities reports.</text> |
496 <text>There must be a crpyptographically secured (GnuPG/OpenPGP or X.509) e-mail address or a secure web form for receiving security vulnerabilities reports.</text> |
491 <note>Particular authors should publish their public keys.</note> |
497 <note>Particular authors should publish their public keys.</note> |
492 <note>Every security incident must be clearly documented and investigated – do not obscure it.</note> |
498 <note>Every security incident must be clearly documented and investigated – do not obscure it.</note> |
493 </item> |
499 </item> |