CAA record is meant to be consumed by CA, not by end-users, thus it
doesn't provide much protection.
O.
--
Ondřej Surý
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Knot Resolver (https://www.knot-resolver.cz/) – secure, privacy-aware,
fast DNS(SEC) resolver
Vše pro chleba
On 26/07/2017 6:20 AM, Adam Borowski wrote:
> https provides no protection against targetted attacks by government agents.
> The CA cartel model consists of 400+ CAs, many of them outright controlled
> by governments, most of the rest doing what they're told (no, warrants are
> are a story for n
On Wed, Jul 26, 2017 at 07:01:36AM +0800, James Bromberger wrote:
> On 26/07/2017 6:20 AM, Adam Borowski wrote:
> > https provides no protection against targetted attacks by government
> > agents.
> > The CA cartel model consists of 400+ CAs, many of them outright controlled
> > by governments, m
On Tue, Jul 25, 2017 at 09:56:41PM +0100, Chris Lamb wrote:
> > your repositories on "debian.org" (especially "http://security.debian.org/";
> > !!) are not!
>
> The files are cryptographically signed which guarantees
> they haven't been tampered with
On Tue, 25 Jul 2017, Chris Lamb wrote:
> Zeiha,
>
> > your repositories on "debian.org" (especially "http://security.debian.org/";
> > !!) are not!
> In short, there's no need for SSL. Please see
> <https://wiki.debian.org/SecureApt> for t
Zeiha,
> your repositories on "debian.org" (especially "http://security.debian.org/";
> !!) are not!
This has been brought up many times on many lists; please
see/search the archives in future.
The files are cryptographically signed which guarantees
they haven'
Dear Madams, dear Sirs,
quite all web-pages of "debian.org" (even the "forums") are available
through secure-http (https, port 443), but your repositories on
"debian.org" (especially "http://security.debian.org/"; !!) are not!
Why?? Beside vulnerabilities
On Ter, 2004-02-03 at 14:00, John Goerzen wrote:
> seem easy enough to at least log on to the machine that hosts *the*
> www.debian.org and vi a couple of files.
I don't think it's THAT easy, but I do agree that we could exploit (oh
geez, did I say that word?!) the possibility of fortifying our ba
On Tue, Feb 03, 2004 at 12:00:28PM +0100, Bartosz Fenski aka fEnIo wrote:
> On Tue, Feb 03, 2004 at 11:25:36AM +0100, Stephan Austermühle wrote:
> > > > I cannot reach security.debian.org since saturday or so. What's up?
> > > http://lists.debian.org/debian-news/d
Michael Banck wrote:
> > Right, they access www.debian.org and try to find a status note. It
> > can't be that difficult to put a note on the webserver manually even
> > without tool support.
>
> The problem is that we don't have 'the' webserver. We have a couple of
> dozen mirrors, running www.d
On Tue, Feb 03, 2004 at 12:32:43PM +0100, Michael Banck wrote:
> On Tue, Feb 03, 2004 at 12:05:32PM +0100, Stephan Austermühle wrote:
> > On Tue, Feb 03, 2004 at 11:49:30AM +0100, Martin Schulze wrote:
> >
> > > It would be very nice if people would actually READ the
> > > announcement. W
Jeroen van Wolffelaar:
> Where is that stated?
http://www.debian.org/News/ (maybe not all too obvious, though, and the
front page only lists -announce)
--
\\//
Peter - http://www.softwolves.pp.se/
I do not read or respond to mail with HTML attachments.
On Tue, Feb 03, 2004 at 01:29:35PM +0100, Jeroen van Wolffelaar wrote:
> [EMAIL PROTECTED] host www.debian.org
> www.debian.org has address 192.25.206.10
> [EMAIL PROTECTED] host 192.25.206.10
> 10.206.25.192.in-addr.arpa domain name pointer gluck.debian.org.
> [EMAIL PROTECTED]
>
> I guess most
On Tue, Feb 03, 2004 at 12:32:43PM +0100, Michael Banck wrote:
> On Tue, Feb 03, 2004 at 12:05:32PM +0100, Stephan Austerm?hle wrote:
> > ...
> debian-news should be subscribed by everybody remotely interested in
> Debian.
Yes, but quite some people simply don't. Hard to change.
> > Right, they
On Tue, Feb 03, 2004 at 12:05:32PM +0100, Stephan Austermühle wrote:
> On Tue, Feb 03, 2004 at 11:49:30AM +0100, Martin Schulze wrote:
>
> > It would be very nice if people would actually READ the
> > announcement. Why? Because then they would learn that we cannot
> > update the website
Hi,
On Tue, Feb 03, 2004 at 11:49:30AM +0100, Martin Schulze wrote:
> It would be very nice if people would actually READ the
> announcement. Why? Because then they would learn that we cannot
> update the website without the www-master service which is ON
> klecker.
Sorry for the incon
On Tue, Feb 03, 2004 at 11:49:30AM +0100, Martin Schulze wrote:
> DAMN IT! DO PEOPLE THINK I WASTE MY TIME JUST FOR THE FUN OF IT?
We've never been able to figure out why you waste your time.
--
.''`. ** Debian GNU/Linux ** | Andrew Suffield
: :' : http://www.debian.org/ |
`. `'
Stephan Austermühle wrote:
> Hi,
>
> On Tue, Feb 03, 2004 at 09:08:59AM +0100, Martin Schulze wrote:
>
> > > I cannot reach security.debian.org since saturday or so. What's up?
> > http://lists.debian.org/debian-news/debian-news-2004/msg5.html
>
> It&
On Tue, Feb 03, 2004 at 11:25:36AM +0100, Stephan Austermühle wrote:
> > > I cannot reach security.debian.org since saturday or so. What's up?
> > http://lists.debian.org/debian-news/debian-news-2004/msg5.html
> It'd be very nice if someone could drop a
Hi,
On Tue, Feb 03, 2004 at 09:08:59AM +0100, Martin Schulze wrote:
> > I cannot reach security.debian.org since saturday or so. What's up?
> http://lists.debian.org/debian-news/debian-news-2004/msg5.html
It'd be very nice if someone could drop a note in the news sectio
Stephan Austermühle wrote:
> Hi,
>
> I cannot reach security.debian.org since saturday or so. What's up?
http://lists.debian.org/debian-news/debian-news-2004/msg5.html
Joey
--
Given enough thrust pigs will fly, but it's not necessarily a good idea.
Hi,
I cannot reach security.debian.org since saturday or so. What's up?
Stephan
signature.asc
Description: Digital signature
* Dave Seff <[EMAIL PROTECTED]> [040202 21:52]:
> Is this site down? I am timing out while trying to apt-get the CVS
> pachage.
http://lists.debian.org/debian-news/debian-news-2004/msg5.html
On Mon, Feb 02, 2004 at 03:52:43PM -0500, Dave Seff wrote:
> Is this site down? I am timing out while trying to apt-get the CVS
> pachage.
http://lists.debian.org/debian-news/debian-news-2004/msg5.html
--
- mdz
Is this site down? I am timing out while trying to apt-get the CVS
pachage.
Thanks,
--
Dave Seff <[EMAIL PROTECTED]>
On Thu, Nov 21, 2002 at 02:08:50AM +1000, Anthony Towns wrote:
> > Never mind unofficial:
> > http://www.debian.org/mirror/list-non-US
> ^^
> We don't have official security mirrors. Probably should rethink that.
Err, oops, I read that too fast, thought he w
On Wed, Nov 20, 2002 at 08:59:59AM -0600, John Goerzen wrote:
> On Wed, Nov 20, 2002 at 12:50:53PM +0100, Wichert Akkerman wrote:
> > Previously Richard van den Berg wrote:
> > > Is it possible to set up a mirror somewhere for the time being?
> > There are a number of unofficial mirrors available.
On Wed, Nov 20, 2002 at 12:50:53PM +0100, Wichert Akkerman wrote:
> Previously Richard van den Berg wrote:
> > Is it possible to set up a mirror somewhere for the time being?
>
> There are a number of unofficial mirrors available. If you need one in .nl
> try this one:
>
> deb http://ftp.debian.n
Previously Richard van den Berg wrote:
> Is it possible to set up a mirror somewhere for the time being?
There are a number of unofficial mirrors available. If you need one in .nl
try this one:
deb http://ftp.debian.nl/debian-security woody/updates main contrib non-free
Wichert.
--
_
security.debian.org is hosted by the University of Twente in The
Netherlands (www.utwente.nl). Their data center caught fire a few hours
ago. As a result their class B (130.89.0.0/16) disappeared from the
internet. A news article mentions that most servers and infrastructure
has been distroyed
30 matches
Mail list logo
