Additional, more positive, discussion. 12:59 <maswan> or just relax the policy and let us get LE certs outselves, just like for all the other names 13:00 <mdeslaur> maybe we could do that if we registered a new domain name 13:01 <mdeslaur> I'll bring it up again soon 13:03 <mdeslaur> the problem is we round robin mirrors under country-specific domains...not sure how we would handle that 13:04 <mdeslaur> (not that I've thought about it, the people who are responsible for it have) 13:04 <maswan> yeah, that's why I like the mirrorbits solution for image downloads, it makes the mirror name much less important and you can probably drop *.releases.u.c. archive is another matter and will be more complicated, especially since those are in long-term config files 13:05 <mdeslaur> hrm, good point, may be worth separating those two and just doing the image downloads somehow first 13:07 <mdeslaur> there's also the issue that we don't trust half the mirrors in the list, so just using ssl doesn't do much to improve security 13:08 <maswan> yeah, that's another reason why I like mirrorbits serving up the checksum in the redirector, not relying on downloading the checksum file from the mirror 13:10 <mdeslaur> I need to look into that
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1359836 Title: Ubuntu ISOs downloaded insecurely, over HTTP rather than HTTPS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1359836/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
