On 12/04/13 08:35, Manuel Munz wrote:
On 11.04.2013 23:10, Peter Lawler wrote:
Given the place that OpenWRT sits in people's networks, I would strongly
encourage the development team to consider moving the download system to
forcing HTTPS connections and ditching MD5 for SHA-2.
Regards,
Pete.
I agree with most of what you said and think this should be done. But
not with that https should be enforced. One upgrade path for me and many
others is to wget a new image. wget in busybox does not support ssl, so
we would be forced to install the full wget + ssl libs just for this task.
Regards, soma
That's a very good point that, with apologies, I'd not considered at
6AM, because of (a) lack of coffee (b) the boxen I have myself ;)
I guess this sort of raises the questions whether systems that are known
to have sufficient flash should be built with wget + ssl by default, as
well as luci-ssl?
They're always the first thing I throw on and having them downloaded
over http does seem a bit self defeating.
Regards,
Pete.
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
