[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian mirrors and MITM

On Fri, May 30, 2014 at 10:15:01PM +1000, Alfie John wrote:
The public Debian mirrors seem like an obvious target for governments to
MITM. I know that the MD5s are also published, but unless you're
verifying them with third parties, what's stopping the MD5s being
compromised too?

The cryptographic signatures that are validated automatically by apt.
Reply to: