Am Freitag, den 23.02.2018, 20:17 +0100 schrieb Raphael Hertzog: > Control: tag -1 + pending > > On Fri, 23 Feb 2018, Kristian Klausen wrote: > > Busybox version of wget does not check the certificate at all, > > which defeat the purpose of https. > > Tested with (on testing): busybox wget 'https://untrusted-root.bads > > sl.com/' and busybox wget 'https://expired.badssl.com/' > > At the same time, ca-certificates is not embedded in the initrd > either so > certificates could not be checked. And the purpose of https is two- > fold: > privacy due to encryption (we have that), and authentication with > certificates (we don't have that). > > I don't even know where live-boot is using URL and what for. But I > have > committed the patch.
The fetch= and httpfs= live-boot parameter take URLs. -- Benjamin Drung System Developer Debian & Ubuntu Developer ProfitBricks GmbH Greifswalder Str. 207 D - 10405 Berlin Email: benjamin.dr...@profitbricks.com URL: https://www.profitbricks.de Sitz der Gesellschaft: Berlin Registergericht: Amtsgericht Charlottenburg, HRB 125506 B Geschäftsführer: Achim Weiss, Matthias Steinberg