[CentOS] https everywhere.

Fri May 15 19:49:14 UTC 2015
Matthew Miller <mattdm at mattdm.org>

On Fri, May 15, 2015 at 03:44:39PM -0400, James B. Byrne wrote:
> What are the plans for the CentOS repos with respect to authentication
> and https everywhere?  At the moment it is a trivial exercise to
> perform a MTM attack during a yum update over http.

Since the packages themselves are signed, what risk are you concerned
about?

-- 
Matthew Miller
<mattdm at fedoraproject.org>
Fedora Project Leader