On 12/20/2015 10:10 AM, Alice Wonder wrote: > Yes, but I've run into instance where curl does not work for https - > for example I believe if ECDSA TLS certificate is being used on the > server, curl doesn't work. Not sure about wget. Why do you think the solution is to make yum behave well when there's malicious data in /etc, rather than updating rpm/curl to properly support https so that it doesn't get there?