Re: How to download over https
Le 16/06/2016 18:18, Dan Purgert a écrit :
1)
So, the fact that HTTPS doesn't ~actually~ provide you with any security
when a "malicious party" has root accesss to the webserver,
AND that it
adds overhead to the transmission
Does it really add network overhead of just CPU overhead on the server ?
2)
Given that "debian" is the "well-trusted" party in this instance, their
providing of both
- their public signing key, AND
- the *.iso MD5 and/or SHA checksum(s)
on a HTTPS-secured webpage will suffice the conditions of "creating
trust" for most people.
1) and 2) sound contradictory to me.
Reply to: