- DNS Hijacking
- DNS Spoofing
- SSL Stripping
- Encourage X.509 use with -P HighSecurity default
- Integrate the RubyGems cert creation process with CA(s) so that the maintainer's cert is offered to the CA(s) for signing
- Gem maintainer goes rogue
- Gem maintainer loses or publicly discloses cert
- Cert stolen
- CA(s) revoke cert
- RubyGems checks revocation list
- Multiple maintainers pushing same gem
- Do you at least have control of the email address you claim is yours?
- Verify real names of gem maintainers
- Verify that gem contents are safe and non-malicious