Re: https for apt to prevent man in middle transparent proxy mirror attacks?
On Wed, 2004-06-09 at 18:28 +0200, Javier Fernández-Sanguino Peña wrote:
> On Wed, Jun 09, 2004 at 07:15:21AM -0700, Karl Hegbloom wrote:
> > > maybe i simply don't understand, but isn't Packages file signing done
> > > exactly to avoid such an attack?
> >
> > Can you please explain how that works?
>
> Sure, how about this:
> http://www.debian.org/doc/manuals/securing-debian-howto/ch7.en.html#s-deb-pack-sign
>
> Feel free to provide comments improving it if you don't understand it.
Thank you for pointing this out. It is exactly what I was in need of.
I will certainly read it and anything else you folks think I should see
regarding this topic. If I have any further questions, I'll post them
here as a reply on this thread.
--
Karl Hegbloom <hegbloom@pdx.edu>
Reply to: