[CentOS] https everywhere.
Matthew Miller
mattdm at mattdm.org
Fri May 15 19:49:14 UTC 2015
On Fri, May 15, 2015 at 03:44:39PM -0400, James B. Byrne wrote:
> What are the plans for the CentOS repos with respect to authentication
> and https everywhere? At the moment it is a trivial exercise to
> perform a MTM attack during a yum update over http.
Since the packages themselves are signed, what risk are you concerned
about?
--
Matthew Miller
<mattdm at fedoraproject.org>
Fedora Project Leader
More information about the CentOS
mailing list