On Jul 3, 2014, at 11:55 AM, Reid Sutherland wrote:
> On Jul 3, 2014, at 11:09 AM, Hans-Christoph Steiner <h...@at.or.at> wrote:
>
>>
>> On Jun 2, 2014, at 9:29 AM, Jann Horn wrote:
>>
>>> On Fri, May 30, 2014 at 10:06:06AM -0400, micah anderson wrote:
>>>> Now I don't want to call into question the esteemed authors of said
>>>> program, and depending libraries, but I do think that providing https
>>>> mirrors gives us two distinct advantages over plain http:
>>>>
>>>> . in the case that there is a bug in apt, or gpg, or something
>>>> else, having https would provide at minimum a minor set of
>>>> defense against bulk, non-targeted quantum insert and foxacid
>>>> attacks, not to mention MiTM compromises from a hostile local
>>>> network
>>>
>>> Heh. Because SSL/TLS libraries are so impenetrable and secure? :D
>>
>> Even GnuPG has had exploitable bugs. Adding layers of different security
>> techniques can help make the apt distribution system less fragile when such
>> bugs inevitably arise.
>>
>
>
> Adding another layer of code does not always improve security. Using the
> argument of bugs, what happens when your vulnerable SSL client connects to a
> malicious mirror?
>
> You suggest that GnuPG could have security flaws, but you promote software
> line that has already demonstrated numerous security problems.
>
> On a side, SSL is already available in apt, anyone is free to implement SSL
> on their mirror server and use it in their apt client. If you need to secure
> the initial installation download use the verification information found here
> <https://www.debian.org/CD/verify>.

The point is to figure out a better way that is included by default.

.hc