subject:"\[sage\-devel\] Re\: Sagemath mirrors security issues"

Re: [sage-devel] Re: Sagemath mirrors security issues

2017-10-26 Thread Erik Bray

On Thu, Oct 26, 2017 at 12:38 PM, John Cremona wrote: > On 26 October 2017 at 11:18, Erik Bray wrote: >> On Thu, Oct 26, 2017 at 11:53 AM, Harald Schilly >> wrote: >>> Hi, I don't see how https helps with any such attack.

Re: [sage-devel] Re: Sagemath mirrors security issues

2017-10-26 Thread John Cremona

On 26 October 2017 at 11:18, Erik Bray wrote: > On Thu, Oct 26, 2017 at 11:53 AM, Harald Schilly > wrote: >> Hi, I don't see how https helps with any such attack. What I always pointed >> out is to use checksums. e.g. the webseed torrent files

Re: [sage-devel] Re: Sagemath mirrors security issues

2017-10-26 Thread Erik Bray

On Thu, Oct 26, 2017 at 11:53 AM, Harald Schilly wrote: > Hi, I don't see how https helps with any such attack. What I always pointed > out is to use checksums. e.g. the webseed torrent files here > http://files.sagemath.org/torrents.html have checksums and what would be

[sage-devel] Re: Sagemath mirrors security issues

2017-10-26 Thread Harald Schilly

Hi, I don't see how https helps with any such attack. What I always pointed out is to use checksums. e.g. the webseed torrent files here http://files.sagemath.org/torrents.html have checksums and what would be missing is to sign them. AFAIK there is no official public/private key for files on