[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HTTPS metadata in Mirrors.masterlist?



On 02/11/2014 09:31 AM, Colin Watson wrote:
On Tue, Feb 11, 2014 at 03:05:44PM +0100, Mattias Wadenstein wrote:
On Tue, 11 Feb 2014, Colin Watson wrote:
On Tue, Feb 11, 2014 at 01:04:29PM +0000, Colin Watson wrote:
I'm working on adding HTTPS support to d-i.  Now, I know that we already
have integrity by way of the GPG signature chain, but this isn't for
that; this is in response to feedback Canonical has had from some Ubuntu
customers (typically of the large and corporate variety) that they want
to do all of their apt traffic over HTTPS to avoid people snooping on
which packages various machines are installing.
Let me suggest that if they want to keep it a secret from people
able to snoop on their network traffic, they might want to consider
the much stronger protection of running their own mirror.
I'm not sure how much detail I'm allowed to go into, but in the specific
cases at hand, I believe they *are* running their own internal mirror,
but they want to make some efforts to conceal information from their own
employees who might be able to snoop on the network.  At least this is
as far as I've been able to tell, and I can see how it'd make sense for
sufficiently large organisations.

Having metadata about the public mirror network is mostly a nicety so
that we don't just drop people straight into manual mirror selection; it
seems like something we might as well track if mirror operators are
willing, though.

This topic has come up in mirrors a few times from users and the general conscientious was stated rather well by Mattias. As it stands, and to my knowledge, there are a handful of servers set up to support https.

The question really becomes what is the point? If the network traffic itself can be snooped then why not a smaller mirror set on the specific machines if they are still wary of using even localized mirror? Or a CD/DVD?

A caveat to those approaches is that the machines in question are still connected to the network and those machines are still running or querying services from the packages they installed.

Adding https support doesn't really solve the issue. From your later post this seems more of a network security issue for those admins to resolve.

Best Regards,

Donald Norwood


Reply to: