Cryptografically signed ISO images
Valeri Galtsev
galtsev at kicp.uchicago.edu
Mon Mar 3 17:06:01 UTC 2014
On Mon, March 3, 2014 10:40 am, RW wrote:
> On Mon, 3 Mar 2014 10:21:46 -0600 (CST)
> Valeri Galtsev wrote:
>
>>
>> On Mon, March 3, 2014 10:02 am, RW wrote:
>
>> > That's fine if you can download the checksum files by HTTPS, but on
>> > an FTP server it's no more that a check against corruption.
>>
>> Yes, but: if you verified the certificate of https host, you can be
>> sure that ftp on the same IP address is owned by the same people.
>
> The IP addresses of www.freebsd.org and ftp.freebsd.org are
> different, but even if they weren't that wouldn't protect against
> man-in-the-middle attacks.
Silly me... you are absolutely right!
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the freebsd-questions
mailing list