Jean-Christophe Baptiste wrote:
> Are you joking?
> Downloading an operating system not a sensitive operation?
> Software integrity, useless?
>
> Of course, there are, I need a proof that what I get has not been tampered.
----
You already have it. You have signatures on the rpms. That's
what they are for. Https was intended to provide protection from
snooping. If you don't think large corporate ISPs can't purchase
root-certs, or more likely "subordinated root certs" (those have
already happened and only made public when the corps mis-handled
the certs and let them get swiped), you'd be naive.
On smaller scales, sites with multiple users/clients are already
likely to force internal clients to use a caching & filtering proxy to
access the outside web. With that in place, they can install
site-local root certs on site-owned clients and require mobile clients (if
allowed), to install site-local root-certs in order to have access
to the outside web. The large uptick in https usage has forced
sites not using MITM proxies to change policies.
Fortunately, both downloaded rpms and sites providing sensitive
tars provide signatures for both that provide tampering protection.
Not only do the sigs provide tamper protection during transit, but they
also provide tamper protection for rpms stored locally, months later.
> Client side, what browser would be caching a 700MB file anyway? It would
> serve no purpose.
----
It does. I've fetched 700+ MB images from opensuse and MS from
cache as long as 1-2 months after original download. Seeing large
downloads complete at >100MB/s is a noticeable event. Wherever possible,
I disable individual client and machine caches because they waste space.
Instead, I use one large cache on an opensuse machine. Best speed
boosts are on interactive websites, where there is more content duplication.
It's not common to find 700MB requests duplicated, but given
the long time that distro-images stay constant and the size of proxy
cache, it's happened a few times.
Regardless of the transport protocol, the integrity of
the downloaded images is still available by signature verification.
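Added example, not part of the original post: a transport-independent integrity check on a locally stored image, as the message describes for copies fetched over any protocol or served from a proxy cache months later. It assumes a sha256sum-format checksum file whose own signature has already been verified (for example with `gpg --verify`); the file name and payload are constructed.

```python
import hashlib
import hmac
import os
import string
import tempfile


def parse_manifest(text):
    """Parse sha256sum lines ('<hex>  name' or '<hex> *name'); skip PGP armor lines."""
    entries = {}
    for line in text.splitlines():
        digest, sep, rest = line.partition(" ")
        is_hex = len(digest) == 64 and all(c in string.hexdigits for c in digest)
        if sep and is_hex and rest[:1] in (" ", "*") and rest[1:]:
            entries[rest[1:]] = digest.lower()
    return entries


def sha256_file(path, chunk=1 << 20):
    """Hash in 1 MiB chunks so a 700 MB image never has to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify(path, manifest_text):
    """Return 'ok', 'tampered' or 'unlisted' for a local copy of an image."""
    expected = parse_manifest(manifest_text).get(os.path.basename(path))
    if expected is None:
        return "unlisted"  # never treat a file missing from the manifest as verified
    return "ok" if hmac.compare_digest(expected, sha256_file(path)) else "tampered"


def demo():
    """Constructed sample: a stand-in image, then one byte changed in the stored copy."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "example-image.iso")
        with open(path, "wb") as f:
            f.write(b"constructed image payload\n" * 1000)
        manifest = "%s  example-image.iso\n" % sha256_file(path)
        before = verify(path, manifest)
        with open(path, "r+b") as f:  # simulate modification in a cache or on disk
            f.seek(100)
            f.write(b"X")
        return before, verify(path, manifest)


if __name__ == "__main__":
    print(demo())
```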