[Bug 833994] Re: debian-installer does not support https when using with preseed files
Thomas Bushnell, BSG
833994 at bugs.launchpad.net
Mon May 13 15:34:22 UTC 2013
I don't think certificates are necessary here: we could permit any https
without any certificate checking, and still have an improvement, with no
additional dangers over using http. For example, you would remain
vulnerable to DNS spoofing or man-in-the-middle problems, but you would
not be subject to the exposure of secret information in packages. (There
are plenty of cases where a link is sniffable but not pwnable.)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler-enlist in Ubuntu.
https://bugs.launchpad.net/bugs/833994
Title:
debian-installer does not support https when using with preseed files
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cobbler-enlist/+bug/833994/+subscriptions
More information about the Ubuntu-server-bugs
mailing list