Am 02.04.20 um 16:55 schrieb Elmar Stellnberger:
Am 02.04.20 um 11:15 schrieb Lewis Yarema:But we have the atea tool now. Haven't we? You can use it to download via DNSSEC/DANE. And I believe Elmar is going to continue support for it. Debian itself can always support DANE as long as there are working DNSSEC impementations. Just provide a TLSA record. And I would believe that to be valuable since the problem about DNSSEC/DANE support is a bit like the hen and egg problem.Yes, sure, I am going to support a̅tea in the future. Support of security related programs and especially of a̅tea have absolute priority for me. I do what I can. The program appears so important to me because according to my knowledge there is no other program you can use for download with user supplied security certificate. wget and curl do all require you to trust a possibly untrustworthy CA. Besides this you can use DANE without direct support by any program. I have described who to do that by use of dig or drill at https://www.elstel.org/DANE/.
If there is someone else who has never heard about a̅tea: https://www.elstel.org/atea/ You may have missed my previous messages from debian-security: https://lists.debian.org/debian-security/2020/03/threads.html https://lists.debian.org/debian-security/2020/01/threads.htmlVince asked me because he did not get these messages to read though he was subscribed.
I also can´t explain why Patrick Schleizer did no more respond me though I have finally posted the message for him to this list.
https://lists.debian.org/debian-security/2020/03/msg00017.htmlHe is also subscribed and would need to have seen my posting. As it seems some people here don´t get my messages.