
Re: APT upload



Hi,

Michael Vogt <mvo@debian.org> writes:

>> The only risk is that I'm unsure whether the current debian-sid branch
>> would be suitable for the release team as it has a few *other*
>> changes:
>
> I merged those changes carefully from my development branch. I think
> they are fine. I will comment on them in more detail below.
>
>>   [ Michael Vogt ]
>>   * merge patch that enforces stricter https server certificate
>>     checking (thanks to Arnaud Ebalard, closes: #485960)
>>   * allow per-mirror specific https settings
>>     (thanks to Arnaud Ebalard, closes: #485965)
>>   * add doc/examples/apt-https-method-example.cof
>>     (thanks to Arnaud Ebalard, closes: #485964)
>
> This was posted a while ago on the mailing list and I think we should
> include it. The risk is low, https is not used by default.

And:

- The first is IMHO a security enhancement: it prevents the MITM allowed by
  the current default setup
- The second provides additional per-mirror settings but does not
  otherwise change current behavior
- The third provides documentation, which cannot break anything but only
  improve the situation.

Cheers,

a+

