[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Certificate failure on ftp.debian.au

On Sat, Sep 10, 2011 at 11:19:25PM +1000, Heddle Weaver wrote:
> On 10 September 2011 22:06, Dominik Bay <eimann@etherkiller.de> wrote:
> > On Sat, Sep 10, 2011 at 13:46, Heddle Weaver <weaver2world@gmail.com>
> > wrote:
> > > I haven't joined the list, but thought I should let somebody know.
> > > These are the lines I'm receiving through aptitude at present:
> > >
> > > root@192-168-1-1:/home/nomad# aptitude update
> > > Ign https://ftp.au.debian.org unstable InRelease
> >
> > Why are you using https in the first place?
> *http://tinyurl.com/427rzrm

Please don't use shortened urls ..

> > If you want to use https,
> I do and the way the world's going, you're mad if you don't.

Integrity and authentication of packages are already achieved in Debian through
debian-archive-keyring package (which contains public gpg key used) and signed
checksums in the archive (by this same key).
> > you should take care of trusting certificates too.
> I do.
> I contacted the list because I thought there may be a problem.
> Apparently the situation is a maintenance one.

There is no https mirror in the list advertised and used in the Debian

So there is no check a https daemon running neither validity of SSL
certificates of mirrors.

The SSL certificate is appears to be auto-signed and generated for
mirror.linux.org.au, the hoster of ftp.au.d.o.

Simon Paillard

Reply to: