Re: concrete steps for improving apt downloading security and privacy
On Wed, Jul 9, 2014 at 10:11 PM, Michael Stone <firstname.lastname@example.org> wrote:
> On Wed, Jul 09, 2014 at 06:29:09PM -0600, Kitty Cat wrote:
>> For years I have been concerned with MITM attacks on Debian mirrors.
> We discussed this literally within the past couple of months on this list,
> at length. Have you read the archives, including the posts about how to
> establish a trust path to the ISOs?
It would be nice for this information to be somewhere more formal than
in mailing list archives. Threat models are becoming increasingly
important to convey to end users.