[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ITI: HTTPS method for apt

On Sun, Mar 24, 2002 at 06:57:27PM +0100, Marc Haber wrote:
> On Wed, 20 Mar 2002 20:45:49 +0100, Florian Weimer
> <Weimer@CERT.Uni-Stuttgart.DE> wrote:
> >I agree (but I doubt the commercial part), but reencrypting the same
> >data over and over again is quite inefficient.  Furthermore, you don't
> >know the actual source of the package, you have to trust the mirror.
> >
> >Signing packages themselves is a much better approach IMHO.
> But https also allows the use of client certificates, which is quite
> useful if you use the .deb format to distribute commercial software
> that should only be downloaded by sites that paid for it.

So, let the company that is distributing the non-free software donate the 
time and resources required to build this support into apt.


Adam McKenna  <adam@debian.org>  <adam@flounder.net>

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: