Date: Mon, 3 Mar 2014 11:06:00 -0600 (CST) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "RW" <rwmaillists@googlemail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Cryptografically signed ISO images Message-ID: <18642.128.135.70.2.1393866360.squirrel@cosmo.uchicago.edu> In-Reply-To: <20140303164050.0482c1e6@gumby.homeunix.com> References: <20140302172759.GA4728@hp-netbook.local> <20140303152943.GA5696@hp-netbook.local> <46383.128.135.70.2.1393861805.squirrel@cosmo.uchicago.edu> <20140303160218.072db3fe@gumby.homeunix.com> <39523.128.135.70.2.1393863706.squirrel@cosmo.uchicago.edu> <20140303164050.0482c1e6@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, March 3, 2014 10:40 am, RW wrote: > On Mon, 3 Mar 2014 10:21:46 -0600 (CST) > Valeri Galtsev wrote: > >> >> On Mon, March 3, 2014 10:02 am, RW wrote: > >> > That's fine if you can download the checksum files by HTTPS, but on >> > an FTP server it's no more that a check against corruption. >> >> Yes, but: if you verified the certificate of https host, you can be >> sure that ftp on the same IP address is owned by the same people. > > The IP addresses of www.freebsd.org and ftp.freebsd.org are > different, but even if they weren't that wouldn't protect against > man-in-the-middle attacks. Silly me... you are absolutely right! > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18642.128.135.70.2.1393866360.squirrel>