Re: ITI: HTTPS method for apt
On Sun, Mar 24, 2002 at 06:57:27PM +0100, Marc Haber wrote:
> On Wed, 20 Mar 2002 20:45:49 +0100, Florian Weimer
> <Weimer@CERT.Uni-Stuttgart.DE> wrote:
> >I agree (but I doubt the commercial part), but reencrypting the same
> >data over and over again is quite inefficient. Furthermore, you don't
> >know the actual source of the package, you have to trust the mirror.
> >
> >Signing packages themselves is a much better approach IMHO.
>
> But https also allows the use of client certificates, which is quite
> useful if you use the .deb format to distribute commercial software
> that should only be downloaded by sites that paid for it.
So, let the company that is distributing the non-free software donate the
time and resources required to build this support into apt.
--Adam
--
Adam McKenna <adam@debian.org> <adam@flounder.net>
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: