Hi, Not strictly a Foresight question but I figured a Conary expert might answer...
We have a conary-based system with an online update server. I don't understand the trust model of updating a conary-based system from a repository server. I can see that username/password or entitlement strings can be used for client authentication and authorization, but I can't figure out how the server proves its identity and/or how the client determines that the downloaded content is genuine. It seems like in our setup, conary does not verify the server certificate. Can anyone elaborate on that? Thanks, Uri. _______________________________________________ Foresight-devel mailing list [email protected] https://lists.foresightlinux.org/mailman/listinfo/foresight-devel
