* Juiceman <[EMAIL PROTECTED]> [2006-08-01 18:50:35]: > On 8/1/06, Florent Daignière (NextGen$) <[EMAIL PROTECTED]> wrote: > >* Juiceman <[EMAIL PROTECTED]> [2006-08-01 18:21:20]: > > > >> On 8/1/06, Matthew Toseland <[EMAIL PROTECTED]> wrote: > >> >On Tue, Aug 01, 2006 at 08:11:31PM +0200, Florent Daignière (NextGen$) > >> >wrote: > >> >> * Matthew Toseland <[EMAIL PROTECTED]> [2006-08-01 19:06:42]: > >> >> > >> >> > It's not mirrored is it? > >> >> > >> >> Now it is. > >> > > >> >Ummm, that's bad. sha1test.jar should NOT be mirrored. > >> > >> Neither should be mirrored, If someone compromises the update script > >> they can bypass sha1test.jar altogether. Or were you speaking of > >> something else? > >> > > > >Ok, I think I've fixed the problem : > > > >try getting > >http://downloads.freenetproject.org/alpha/installer/sha1test.jar, it > >sends you to http://get.freenetproject.org/sha1test.jar wich isn't > >mirrored... > > > That URL works here. I'm guessing the https part isn't important as > long as we're not mirroring? Good enough? >
We don't have any SSL certificate signed by a trusted third party ... so using SSL is kinda pointless anyway (for normal users) NextGen$
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
