[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian mirrors and MITM

On Thu, Jul 03, 2014 at 12:46:45PM -0400, Hans-Christoph Steiner wrote:
Google uses SPKI pinning heavily, for example,
but they still use CA-signed certificates so their HTTPS works with Firefox,
IE, Opera, etc.

Yes, and MS does similar. The difference is, they own their infrastructure and debian relies on donations. It's a lot harder for debian to control the certificates on third party machines than it is for a big company to control the certificates on its own machines.

Mike Stone

Reply to: