[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian mirrors and MITM

On Fri, May 30, 2014 at 11:50:32PM +1000, Alfie John wrote:
Several times (public and private) I tried to explain how the download
of APT (the binary itself) on an initial Debian install could be
compromised via MITM since it's over plaintext. Then the verification of
packages could simply be skipped (hence NOP). I'm not sure why you're
bringing libc and libgpg into the conversation.

You were given a solution which is cryptographically sound and with a verifiable trust path, and you're rejecting it because you simply don't like it and would rather see a different solution with a weaker trust path. I'm not sure why you're continuing this argument.

If you want to engage in a serious discussion about enhancing the current implementation or adding additional options, I'd suggest that you first study how the current implementation works, why it was implemented the way it was, the constraints inherent in the distributed mirror model, etc.

Reply to: