Eugene V. Lyubimkin wrote:
Hello Thijs,
hello FTP masters, please see problem 2) below...
Thijs Kinkhorst wrote:
However, it seems there is no better solution, or is there?
Why are we trying to invent something new here, with Valid-Until? The
problem
is that we want to ensure that the
Hello Thijs,
hello FTP masters, please see problem 2) below...
Thijs Kinkhorst wrote:
However, it seems there is no better solution, or is there?
Why are we trying to invent something new here, with Valid-Until? The problem
is that we want to ensure that the Release file of the security
I've removed some CC's.
On Mon, January 19, 2009 12:47, Eugene V. Lyubimkin wrote:
1) insert apt-transport-https and all its deps into base system (libcurl,
kerberos etc.)
I'm not sure if we need kerberos for this to work. Just like apt uses a
small version of gnupg to verify signatures, we
Thijs Kinkhorst wrote:
I've removed some CC's.
On Mon, January 19, 2009 12:47, Eugene V. Lyubimkin wrote:
1) insert apt-transport-https and all its deps into base system (libcurl,
kerberos etc.)
I'm not sure if we need kerberos for this to work. Just like apt uses a
small version of
Eugene V. Lyubimkin jackyf.de...@gmail.com writes:
Thijs Kinkhorst wrote:
I've removed some CC's.
On Mon, January 19, 2009 12:47, Eugene V. Lyubimkin wrote:
1) insert apt-transport-https and all its deps into base system (libcurl,
kerberos etc.)
I'm not sure if we need kerberos for
Otavio Salvador wrote:
Eugene V. Lyubimkin jackyf.de...@gmail.com writes:
Thijs Kinkhorst wrote:
I've removed some CC's.
On Mon, January 19, 2009 12:47, Eugene V. Lyubimkin wrote:
1) insert apt-transport-https and all its deps into base system (libcurl,
kerberos etc.)
I'm not sure if we
Eugene V. Lyubimkin jackyf.de...@gmail.com writes:
Otavio Salvador wrote:
Eugene V. Lyubimkin jackyf.de...@gmail.com writes:
Thijs Kinkhorst wrote:
I've removed some CC's.
On Mon, January 19, 2009 12:47, Eugene V. Lyubimkin wrote:
1) insert apt-transport-https and all its deps into base
On Thursday 15 January 2009 22:37, Eugene V. Lyubimkin wrote:
Florian Weimer wrote:
And if Valid-Until is only checked against the real-time clock, the
attacker can still feed bad data over NTP, so it's not even a complete
defense. 8-(
As there are questions about the implementation, and
On Sun, Jan 11, 2009 at 06:33:53PM +0100, Adeodato Simó wrote:
* Eugene V. Lyubimkin [Mon, 05 Jan 2009 23:42:46 +0200]:
Hello release folks!
Hello, Eugene. (SecTeam please see Change #1 below.)
APT team has prepared two important changes in apt, please give us a
decision(s) whether
* Moritz Muehlenhoff:
And there is also the option of including it in the first point release,
after a month or two of testing in unstable.
Since the replay attack isn't exactly grave, it could just as well be added
into 5.0.1 oder 5.0.2 once it has gotten some testing.
And if Valid-Until
Hello Florian,
Florian Weimer wrote:
And if Valid-Until is only checked against the real-time clock, the
attacker can still feed bad data over NTP, so it's not even a complete
defense. 8-(
However, it seems there is no better solution, or is there?
--
Eugene V. Lyubimkin aka JackYF, JID:
* Eugene V. Lyubimkin:
Florian Weimer wrote:
And if Valid-Until is only checked against the real-time clock, the
attacker can still feed bad data over NTP, so it's not even a complete
defense. 8-(
However, it seems there is no better solution, or is there?
A counter in the style of a
(dropping debian-release@ from CC)
Florian Weimer wrote:
* Eugene V. Lyubimkin:
Florian Weimer wrote:
And if Valid-Until is only checked against the real-time clock, the
attacker can still feed bad data over NTP, so it's not even a complete
defense. 8-(
However, it seems there is no
* Eugene V. Lyubimkin [Mon, 05 Jan 2009 23:42:46 +0200]:
Hello release folks!
Hello, Eugene. (SecTeam please see Change #1 below.)
APT team has prepared two important changes in apt, please give us a
decision(s) whether are they appropriate for Lenny or not.
We realize that apt has seen
Adeodato Simó wrote:
* Eugene V. Lyubimkin [Mon, 05 Jan 2009 23:42:46 +0200]:
Hello Adeodato,
-
Change #1 aka Valid-Until for preventing replay attacks
-
[change details snipped]
15 matches
Mail list logo