On Sun, Jul 20, 2014 at 08:23:58PM +0200, Philipp Kern wrote: > On 2014-07-20 08:15, Wouter Verhelst wrote: > >True, but debian-installer simply does not support any signed/encrypted > >preseeding. > […] > >Granted, these are probably bugs, and IIRC Colin was working on > >providing HTTPS support for jessie. Still, I while I support enabling > >HTTPS for people.d.o, I think disabling HTTP is overdoing it. > > FWIW, Ubuntu trusty and precise both support HTTPS now (support was > backported from trusty). wget would need to build a udeb in Debian > and be able to take over /usr/bin/wget from busybox in d-i. I think > the other changes are all in d-i parts. Basically you append trusted > certs to the initramfs by specifying two initrds in the bootloader > that are concatenated. > > Somebody™ would need to do the work, though.
I'll hopefully get to finishing this at DebConf; I think I merged most of the safe and independent pieces already, and mostly just need to deal with wget-udeb. I'm not expecting to backport this to wheezy though. -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140720183026.ga15...@riva.ucam.org