| 1 |
On Fri, Nov 12, 2004 at 11:30:08AM -0500, Chris Frey wrote: |
| 2 |
> While I'm not opposed to ssl/ssh links in any way, I think this would be |
| 3 |
> more work to install than the signature method that already has a patch. |
| 4 |
> |
| 5 |
> Consider: |
| 6 |
> |
| 7 |
> Patch method: |
| 8 |
> - no mirror needs to be updated |
| 9 |
> - users can continue to use any available mirrors for |
| 10 |
> the webrsync tar (do they exist?) |
| 11 |
> - the main gentoo server only has to serve the signature |
| 12 |
> (this could be put on a single mirror too, point being |
| 13 |
> that the signature doesn't have to be on every mirror |
| 14 |
> to be effective) |
| 15 |
> |
| 16 |
> SSL/SSH method: |
| 17 |
> - either every mirror needs to support it |
| 18 |
> - or anyone who is concerned, suddenly stops using mirrors |
| 19 |
> and switches to the main server |
| 20 |
> - doesn't detect cases where a mirror is compromised |
| 21 |
> |
| 22 |
> Just points to be aware of when considering SSL/SSH. |
| 23 |
FullACK |
| 24 |
|
| 25 |
even worse, it would stress, the CPU even more, and so on. |
| 26 |
|
| 27 |
these "solutions" do not interfere with each other but |
| 28 |
if these are combined I can't see a great benefit |
| 29 |
either. |
| 30 |
|
| 31 |
the only benefit is, that a man in the middle would not |
| 32 |
be able to guess the state, my local system is in (eg: if |
| 33 |
I am fetching an actual .ebuild file of portage, the mim |
| 34 |
can be sure that the local version is not the actual one) |
| 35 |
not a big benefit. |
| 36 |
|
| 37 |
anyway, as someone seems to use some sort of that "solution" |
| 38 |
I got curious and wanted to get some more details... |
| 39 |
|
| 40 |
regards, |
| 41 |
|
| 42 |
klaus |
| 43 |
|
| 44 |
-- |
| 45 |
gentoo-security@g.o mailing list |
Archives