On Thursday, 6 August 2020 09:03:31 UTC+8, unman wrote:The security isnt to be found at the proxy level, but at the package management level. It's there that verification is (and should be) done. Unman, speaking of verification at the package management level, would you happen to know the algorithm that's used to verify dom0 and domu packages? I've been looking for this info since I'm worried that it might be the now-deprecated SHA1 (like Github) but I haven't found anything yet.
-- I'm not unman, but I just checked the repo data and it appears they use sha256 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5f2b87ac.1c69fb81.be51c.6641%40mx.google.com.
