[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: people.debian.org will move from ravel to paradis and become HTTPS only

On Sun, Jul 20, 2014 at 08:23:58PM +0200, Philipp Kern wrote:
> On 2014-07-20 08:15, Wouter Verhelst wrote:
> >True, but debian-installer simply does not support any signed/encrypted
> >preseeding.
> […]
> >Granted, these are probably bugs, and IIRC Colin was working on
> >providing HTTPS support for jessie. Still, I while I support enabling
> >HTTPS for people.d.o, I think disabling HTTP is overdoing it.
> 
> FWIW, Ubuntu trusty and precise both support HTTPS now (support was
> backported from trusty). wget would need to build a udeb in Debian
> and be able to take over /usr/bin/wget from busybox in d-i. I think
> the other changes are all in d-i parts. Basically you append trusted
> certs to the initramfs by specifying two initrds in the bootloader
> that are concatenated.
> 
> Somebody™ would need to do the work, though.

I'll hopefully get to finishing this at DebConf; I think I merged most
of the safe and independent pieces already, and mostly just need to deal
with wget-udeb.  I'm not expecting to backport this to wheezy though.

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: