Package: apt Version: 0.7.14 Severity: wishlist APT https method does not provide a way to verify revocation status of server certificate. This is probably associated with the lack of support in the underlying library (libcurl-gnutls) but Axel and I pushed patches to curl maintainers that provide the feature. I already sent a message with the patches that provide an option for providing CRL directly to deity@lists.debian.org, but got not reply: http://permalink.gmane.org/gmane.linux.debian.apt.devel/14771 Note that the patches for libcurl are now in the CVS and will be in the next stable version. Cheers, a+
Attachment:
pgpxHs0qvx6vu.pgp
Description: PGP signature