Signed Checksums for release archives

James Keener jim at jimkeener.com
Sun Jan 10 20:01:37 UTC 2016


That doesn't help if a mirror is compromised or control is lost. Those already downloaded installers can't update their mirror list.

Jim

On January 10, 2016 2:54:44 PM EST, Dmitry Morozovsky <marck at rinet.ru> wrote:
>On Sun, 10 Jan 2016, Clint Armstrong wrote:
>
>> The signed checksums linked on that page only include checksums for the
>> .img and .iso images. Not for the .txz archives.
>
>Ah I see.  But nevertheless, these .txz's are almost always accessed from the
>installer, which selects only approved mirror from well-defined list, and
>connects to them over TLS...
>
>
>-- 
>Sincerely,
>D.Marck                                     [DM5020, MCK-RIPE, DM3-RIPN]
>[ FreeBSD committer:                                 marck at FreeBSD.org ]
>------------------------------------------------------------------------
>*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck at rinet.ru ***
>------------------------------------------------------------------------

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
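
The distinction drawn in this exchange, as an added example that is not part of the original thread and not FreeBSD's installer code: TLS authenticates the mirror, so only a checksum list authenticated independently of the mirror detects a modified .txz. Assumptions: the manifest format, the sample archives and the mirror scenarios are constructed, and the pinned manifest digest stands in for verifying a signature made with the release key.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_manifest(files: dict) -> bytes:
    # Constructed format: "<sha256>  <name>" per line (not FreeBSD's own).
    return "".join(f"{sha256_hex(b)}  {n}\n" for n, b in sorted(files.items())).encode()

def parse_manifest(raw: bytes) -> dict:
    entries = {}
    for line in raw.decode().splitlines():
        digest, name = line.split(None, 1)
        entries[name] = digest
    return entries

def verify_archive(name, archive, manifest_raw, pinned_manifest_digest):
    """Return (ok, reason). The manifest is trusted only if it matches the
    pinned digest, which stands in for a release-key signature check."""
    if sha256_hex(manifest_raw) != pinned_manifest_digest:
        return False, "manifest not authenticated"
    expected = parse_manifest(manifest_raw).get(name)
    if expected is None:
        return False, "archive not listed"
    if sha256_hex(archive) != expected:
        return False, "archive digest mismatch"
    return True, "ok"

# Constructed sample data.
RELEASE = {"base.txz": b"genuine base set", "kernel.txz": b"genuine kernel set"}
GOOD_MANIFEST = build_manifest(RELEASE)
PINNED = sha256_hex(GOOD_MANIFEST)  # assumed to be obtained out of band

TAMPERED = dict(RELEASE, **{"base.txz": b"modified base set"})
# Every fetch below is assumed to have succeeded over valid TLS.
MIRRORS = {
    "honest": (RELEASE, GOOD_MANIFEST),
    "swapped archive": (TAMPERED, GOOD_MANIFEST),
    "swapped archive and manifest": (TAMPERED, build_manifest(TAMPERED)),
}

def check_all():
    return {label: verify_archive("base.txz", files["base.txz"], manifest, PINNED)
            for label, (files, manifest) in MIRRORS.items()}

if __name__ == "__main__":
    for label, result in check_all().items():
        print(f"{label}: {result}")
```

The third scenario is the one TLS alone cannot catch: a mirror that replaces both the archive and an unsigned checksum list stays self-consistent, and only the independently anchored digest rejects it.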

