Re: client-side signature checking of Debian archives
On Sun, Oct 23, 2016 at 10:45 AM, Ivan Shmakov <ivan@siamics.net> wrote:
> use TLS /alongside/ the usual Debian/APT signatures – not
> instead of them; and the primary goal is to improve user’s
> privacy. That is: only the mirror operator will remain
>
Exactly right. The point is to improve privacy. Integrity of packages
is not directly vulnerable unless more APT / GPG / parsing
vulnerabilities are identified publicly (NSA surely has some
privately). HTTPS+HPKP doesn't make anything weaker and actually would
also help limit those unknown parsing vectors outlined previously.
--
Regards,
Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen