Re: https for apt to prevent man in middle transparent proxy mirror attacks?

To: debian-devel@lists.debian.org
Subject: Re: https for apt to prevent man in middle transparent proxy mirror attacks?
From: Marc Haber <mh+debian-devel@zugschlus.de>
Date: Thu, 10 Jun 2004 10:26:08 +0200
Message-id: <[🔎] E1BYKsv-0007j0-8H@torres.ka0.zugschlus.de>
In-reply-to: <[🔎] 20040609143838.GA27719@cloud.net.au>
References: <[🔎] 1086788682.24313.434.camel@bittersweet.localnet> <[🔎] 1086790131.3618.23.camel@localhost> <[🔎] 1086790521.24313.438.camel@bittersweet.localnet> <[🔎] 20040609143838.GA27719@cloud.net.au>

On Thu, 10 Jun 2004 00:38:38 +1000, Hamish Moffatt <hamish@debian.org>
wrote:
>Hence you verify the GPG signature for the top-level release file and
>follow the md5sums from there. Simple.

As far as I remember, we don't have a program that does this
validation automatically. Additionally, this doesn't work too well for
unstable and testing since the signatures for unstable and testing are
created automatically. But https wouldn't be any better though.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Reply to:

Follow-Ups:
- Re: https for apt to prevent man in middle transparent proxy mirror attacks?
  - From: Peter Palfrader <weasel@debian.org>

References:
- https for apt to prevent man in middle transparent proxy mirror attacks?
  - From: Karl Hegbloom <hegbloom@pdx.edu>
- Re: https for apt to prevent man in middle transparent proxy mirror attacks?
  - From: Federico Di Gregorio <fog@initd.org>
- Re: https for apt to prevent man in middle transparent proxy mirror attacks?
  - From: Karl Hegbloom <hegbloom@pdx.edu>
- Re: https for apt to prevent man in middle transparent proxy mirror attacks?
  - From: Hamish Moffatt <hamish@debian.org>

Prev by Date: Re: Firefox, the Release and what should a debian developer do?
Next by Date: Re: https for apt to prevent man in middle transparent proxy mirror attacks?
Previous by thread: Re: https for apt to prevent man in middle transparent proxy mirror attacks?
Next by thread: Re: https for apt to prevent man in middle transparent proxy mirror attacks?
Index(es):
- Date
- Thread