On Tue, Feb 11, 2014 at 01:45:53PM +0000, Colin Watson wrote: > > > > (And yes, I know that this is only of any actual use if we do > > certificate checks. Right now the way I have things hooked up is that > > you can add certificates to the d-i initramfs, either by rebuilding with > > SSL_CERTS set in build/config/local or by concatenating another > > initramfs-format archive of c_rehash-ed certificates unpacking to > > /usr/lib/ssl/certs; or else debian-installer/allow_unauthenticated=false > > will imply no certificate checking. You have to supply GNU wget anyway, > > since busybox wget doesn't speak HTTPS. If more people than I suspect > > want to use this then we might want to consider something with > > ca-certificates, but I felt that was overkill for now and it certainly > > involved more thinking about policy than I wanted to do.)
So the first question I have about this if we can get ftp.TLD.debian.org certificates for this, and what happens when that host is down and DNS gets pointed to a different host? I have to guess that we should only do that on the hostname that is not ftp.TLD.debian.org, while I think it now only shows that name? Kurt -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
