Control: clone -1 -2
Control: retitle -2 dgit should pin to the LE CA for ftpmasterapi
Control: retitle -1 dgit should not trust any third party when talking to
Debian servers
intrigeri writes ("Re: Bug#790093: dgit is subvertable by X.509 CA cabal"):
> (after I've started to play with dgit today — and very much like it so
> far! — a friend pointed me to this bug)
Hi. Thanks.
> I'd like to propose this mitigation:
>
> Use only outgoing HTTPS connections if the remote peer can be
> correctly authenticated using a certificate signed by Let's Encrypt
This is a great idea if we can make it work. This turns this bug into
two work items:
- pin to the LE CA
- avoid *any* third-party root of trust
So I am cloning this bug.
Ian.
