Hi,
intrigeri wrote (27 Apr 2015 10:32:58 GMT) :
> bertagaz wrote (21 Jan 2015 11:10:39 GMT) :
>> Given most of the files downloaded by di-netboot-installer are done so
>> over insecure connections, it makes sense to have it verifying this files
>> or at least provide a way for sysadmins to do it.
I added this bug to the list of issues with securely downloading things
from the archive at
https://wiki.debian.org/Hardening/RepoAndImages
It might be interesting to think about these problems together, maybe some
of them can be solved in more general (or at least consistent) ways.
--
Matt
bertagaz wrote (21 Jan 2015 11:10:39 GMT) :
> Given most of the files downloaded by di-netboot-installer are done so
> over insecure connections, it makes sense to have it verifying this files
> or at least provide a way for sysadmins to do it.
Random idea: how about using the binary packages gene
Package: di-netboot-assistant
Severity: normal
User: tails-...@boum.org
Usertags: infra
Dear Maintainer,
Given most of the files downloaded by di-netboot-installer are done so
over insecure connections, it makes sense to have it verifying this files
or at least provide a way for sysadmins to do i
4 matches
Mail list logo
