That doesn't help if a mirror is compromised or control is lost. Those already downloaded installers can't update their mirror list.
Jim On January 10, 2016 2:54:44 PM EST, Dmitry Morozovsky <[email protected]> wrote: >On Sun, 10 Jan 2016, Clint Armstrong wrote: > >> The signed checksums linked on that page only include checksums for >the >> .img and .iso images. Not for the .txz archives. > >Ah I see. But nevertheless, these .txz's are almost always accessed >from the >installer, which selects only approved mirror from well-defined list, >and >connects to them over TLS... > > >-- >Sincerely, >D.Marck [DM5020, MCK-RIPE, >DM3-RIPN] >[ FreeBSD committer: [email protected] >] >------------------------------------------------------------------------ >*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- [email protected] >*** >------------------------------------------------------------------------ >_______________________________________________ >[email protected] mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to >"[email protected]" -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
