Re: pkgsrc vs. https-only master sites

To: Tobias Nygren <tnn%NetBSD.org@localhost>
Subject: Re: pkgsrc vs. https-only master sites
From: Thomas Klausner <wiz%NetBSD.org@localhost>
Date: Mon, 23 Feb 2015 15:54:35 +0100

On Mon, Feb 23, 2015 at 03:46:13PM +0100, Tobias Nygren wrote:
> Platforms with builtin openssl will already DTRT I think? Including
> openssl in the bootstrap procedure is probably not a viable as it
> requires perl5 and godknowswhatelse.
> 
> > It's mostly SMOP, but it involves the bootstrap process and no-one was
> > motivated enough yet to tackle it.
> 
> How about if bootstrap uses regular non-openssl tnftp, and we create a
> separate "tnftp-ssl" package that avoids conflict with tnftp and can be
> depended on later when the bootstrap is done?

Well, but if you follow the plan to make it ssl-aware ftp default,
then it'll be the first package everyone will have to build and you
might as well include it in the bootstrap. What's the difference? At
the very least you would need to mark openssl and its dependencies as
not needing https support.

> True in a sense, but OTOH we have distinfo checksums and this is a
> primarily a matter of downloading the file, not downloading it securely.

Yeah, good enough for me.
 Thomas

Follow-Ups:
- Re: pkgsrc vs. https-only master sites
  - From: Joerg Sonnenberger

References:
- pkgsrc vs. https-only master sites
  - From: Tobias Nygren
- Re: pkgsrc vs. https-only master sites
  - From: Thomas Klausner
- Re: pkgsrc vs. https-only master sites
  - From: Tobias Nygren

Prev by Date: Re: pkgsrc vs. https-only master sites
Next by Date: Re: pkgsrc vs. https-only master sites
Previous by Thread: Re: pkgsrc vs. https-only master sites
Next by Thread: Re: pkgsrc vs. https-only master sites
Indexes:

Home | Main Index | Thread Index | Old Index