Re: apt-https authentication
On Wed, 15 May 2002, Tomas Pospisek wrote:
> > > ssl.c seems to be very clean and handles a lot of stuff and leaves open a
> > > lot of options on how to handle certificates, authentication etc. If we
> >
> > Well, you don't really want alot of options, you just want to have it work
> > :>
> >
> > You have to decide if you want to implement the full HTTP type checking
> > with authoritative signers/etc, or something simpler..
> I want full checking and I want to give the user a choice (certificates is
> a somewhat complicated affair and I guess not everybody's piece of cake).
Choice is a funny thing.. You probably can get away with a directory like
/etc/apt/certs/ that has files like 'ftp.foo.org.pem' with the certs in
them, just match against them exactly.
I've been waiting for the cert checking stuff before putting it in CVS.
Jason
--
To UNSUBSCRIBE, email to deity-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: