Re: ITI: HTTPS method for apt
On Sun, Mar 24, 2002 at 06:57:27PM +0100, Marc Haber wrote:
> On Wed, 20 Mar 2002 20:45:49 +0100, Florian Weimer
> <Weimer@CERT.Uni-Stuttgart.DE> wrote:
> >I agree (but I doubt the commercial part), but reencrypting the same
> >data over and over again is quite inefficient. Furthermore, you don't
> >know the actual source of the package, you have to trust the mirror.
> >Signing packages themselves is a much better approach IMHO.
> But https also allows the use of client certificates, which is quite
> useful if you use the .deb format to distribute commercial software
> that should only be downloaded by sites that paid for it.
So, let the company that is distributing the non-free software donate the
time and resources required to build this support into apt.
Adam McKenna <firstname.lastname@example.org> <email@example.com>
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com