Re: SSL for debian.org/security?

2013-10-30 Thread Mark Haase
Thanks, Luca. Will you notify this mailing list when the SSL certs have been installed? On Mon, Oct 28, 2013 at 10:01 PM, Luca Filipozzi wrote: > On Mon, Oct 28, 2013 at 09:31:35PM -0400, Mark Haase wrote: > > I'd like to suggest that Debian should at least use SSL on their security > > site, ev

Re: SSL for debian.org/security?

2013-10-30 Thread Norbert Kiszka
On Wed, 2013-10-30 at 11:34 -0200, Djones Boni wrote: > On 30-10-2013 11:05, Celejar wrote: > > You're snipping crucial context; my comment above was in response to > > this: > >> For apt-get a self-signed certificate could be used which comes together > >> with Debian. No CA required. Th

Re: SSL for debian.org/security?

2013-10-30 Thread adrelanos
Djones Boni: > On 30-10-2013 11:05, Celejar wrote: >> You're snipping crucial context; my comment above was in response to >> this: >>> For apt-get a self-signed certificate could be used which comes together >>> with Debian. No CA required. This is both simpler and safer. >> I was pointing out tha

Re: SSL for debian.org/security?

2013-10-30 Thread Djones Boni
On 30-10-2013 11:05, Celejar wrote: > You're snipping crucial context; my comment above was in response to > this: >> For apt-get a self-signed certificate could be used which comes together >> with Debian. No CA required. This is both simpler and safer. > I was pointing out that this comment makes

Re: Suggestion for http://www.debian.org/security/faq or http://www.debian.org/security/

2013-10-30 Thread Richard Owlett
Iñaki Martinez de Ilarduya wrote: The Debian documentation has some extensive information about securing your machine, with emphasis on servers: http://www.debian.org/doc/manuals/securing-debian-howto/ I have used it as a guide several times, and consider it really helpful. Regards. The tabl

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
On Wed, 30 Oct 2013 10:34:15 -0200 Djones Boni <07ea86b...@gmail.com> wrote: > On 30-10-2013 09:51, Celejar wrote: > > Maybe I'm missing something, but the security of the apt system has > > nothing to do with SSL - it uses GPG signatures. This discussion about > > SSL concerns the website, etc.

Re: SSL for debian.org/security?

2013-10-30 Thread Djones Boni
On 30-10-2013 09:51, Celejar wrote: > Maybe I'm missing something, but the security of the apt system has > nothing to do with SSL - it uses GPG signatures. This discussion about > SSL concerns the website, etc. The point is server authentication. Without SSL anyone can simply hack DNS or MITM and

Re: SSL for debian.org/security?

2013-10-30 Thread adrelanos
Celejar: > Maybe I'm missing something, but the security of the apt system has > nothing to do with SSL - it uses GPG signatures. This discussion about > SSL concerns the website, etc. That was indeed the original question, but it then drifted in the direction of how great it would be to furth

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
On Wed, 30 Oct 2013 09:59:39 + adrelanos wrote: > For apt-get a self-signed certificate could be used which comes together > with Debian. No CA required. This is both simpler and safer. Maybe I'm missing something, but the security of the apt system has nothing to do with SSL - it uses GPG s

Re: Suggestion for http://www.debian.org/security/faq or http://www.debian.org/security/

2013-10-30 Thread Iñaki Martinez de Ilarduya
The Debian documentation has some extensive information about securing your machine, with emphasis on servers: http://www.debian.org/doc/manuals/securing-debian-howto/ I have used it as a guide several times, and consider it really helpful. Regards. On 30/10/13 12:27, Richard Owlett wrote: B

Suggestion for http://www.debian.org/security/faq or http://www.debian.org/security/

2013-10-30 Thread Richard Owlett
Being new to Debian (and *nix generally) I went looking for information before going online with my new install. I expected links for guidance at http://www.debian.org/security/faq &/or http://www.debian.org/security . Both seem to be focused on internals rather than interaction with the outside world.

Re: SSL for debian.org/security?

2013-10-30 Thread adrelanos
For apt-get a self-signed certificate could be used which comes together with Debian. No CA required. This is both simpler and safer. Vipul Agarwal: > How about if we use an SSL certificate signed by Debian's own root CA which > can be shipped with the distros? This will eliminate the paranoia abou

Re: SSL for debian.org/security?

2013-10-30 Thread Volker Birk
On Wed, Oct 30, 2013 at 09:15:44AM +, Vipul Agarwal wrote: > How about if we use an SSL certificate signed by Debian's own root CA which > can be shipped with the distros? If you want to be sure that TLS is not b0rken, you have to kick out each CA, and to manually check each key again. What's a

Re: SSL for debian.org/security?

2013-10-30 Thread Vipul Agarwal
How about if we use an SSL certificate signed by Debian's own root CA which can be shipped with the distros? This will eliminate the paranoia about NSA having control over the existing CA especially the one based in the States. -Vipul On Oct 29, 2013 4:18 AM, "Volker Birk" wrote: > On Mon, Oct 28