Re: Bug#499897: preventing replay attacks against the security archive
- To: "Thijs Kinkhorst" <thijs@debian.org>
- Cc: "Peter Palfrader" <weasel@debian.org>, "Philipp Kern" <pkern@debian.org>, 499897@bugs.debian.org, team@security.debian.org, deity@lists.debian.org
- Subject: Re: Bug#499897: preventing replay attacks against the security archive
- From: Joerg Jaspert <joerg@debian.org>
- Date: Sun, 23 Nov 2008 21:34:58 +0100
- Message-id: <[🔎] 87ljvauqod.fsf@vorlon.ganneff.de>
- Mail-followup-to: "Thijs Kinkhorst" <thijs@debian.org>, "Peter Palfrader" <weasel@debian.org>, "Philipp Kern" <pkern@debian.org>, 499897@bugs.debian.org, team@security.debian.org, deity@lists.debian.org
- In-reply-to: <5424e003e946d9d52abb5aaaf485cd6f.squirrel@wm.kinkhorst.nl> (Thijs Kinkhorst's message of "Wed, 8 Oct 2008 16:02:01 +0200 (CEST)")
- References: <200809240804.34689.thijs@debian.org> <87y71gqpri.fsf@delenn.ganneff.de> <20080925164820.GA20313@durotan.0x539.de> <200809252212.31938.thijs@debian.org> <20080925213150.GF15136@anguilla.noreply.org> <5424e003e946d9d52abb5aaaf485cd6f.squirrel@wm.kinkhorst.nl>
>>> - have it expire in a period long enough so a new point release will
>>> have happened in the meantime, say half a year.
>> Probably still not acceptable for CD-Roms.
> I don't think that should be a problem - I don't believe CD-Roms are the
> target of this feature. APT already handles CD-Roms differently so it
> could exclude them from this check.
Hello apt team, anyone working on supporting this? :)
(It's used in both, the normal and the security archive).
--
bye, Joerg
> Or write yourself a DFSG-free replacement for that piece of software.
Using the copy and paste method from the old source, obscured by
irrelevant changes.
Attachment:
pgpn1zQEAnPyV.pgp
Description: PGP signature
Reply to: