[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian mirrors and MITM

On Sat, May 31, 2014 at 12:32:59AM +1000, Alfie John wrote:
I'm definitely wanting to engage in serious discussion. I'm an avid
Debian user and am wanting to protect its users. This *is* the Debian
security mailing list after all right? All I was trying to do is ask
questions as to why it is currently not being HTTPS-enforced and I got
flamed for it.

Well, you haven't shown any sign of having studied the publically available documentation or checked the public archives relating to the design decisions. Yes it's the debian-security mailing list, but that doesn't mean that it's scalable for debian to provide a personal walkthrough of the entire package signing architecture for everyone who sends an email to the list, does it?

Mike Stone

Reply to: