[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: client-side signature checking of Debian archives

On Sun, Oct 23, 2016 at 10:45 AM, Ivan Shmakov <ivan@siamics.net> wrote:
>         use TLS /alongside/ the usual Debian/APT signatures – not
>         instead of them; and the primary goal is to improve user’s
>         privacy.  That is: only the mirror operator will remain

Exactly right. The point is to improve privacy. Integrity of packages
is not directly vulnerable unless more APT / GPG / parsing
vulnerabilities are identified publicly (NSA surely has some
privately). HTTPS+HPKP doesn't make anything weaker and actually would
also help limit those unknown parsing vectors outlined previously.


Kristian Erik Hermansen

Reply to: