Hi,
intrigeri wrote (14 Mar 2016 15:41:50 GMT) :
> sajolida wrote (14 Mar 2016 15:21:21 GMT) :
>> intrigeri:
>>> sajolida wrote (11 Mar 2016 16:40:08 GMT) :
>>> So, dropping the requirement for mirror operators to maintain an
>>> OpenPGP key we can see as valid would not imply any regression,
>>>
Yes, it's usually too much pain to encrypt and check sigs by hand, but
security is critical for Tails. So let's do what we almost always do. Use
software.
> If anyone feels like we should really do that, then at this point
> they'd better be ready to contribute some time to help with it
If it's
hey,
sajolida wrote (14 Mar 2016 15:21:21 GMT) :
> intrigeri:
>> sajolida wrote (11 Mar 2016 16:40:08 GMT) :
>> ⇒ If anyone feels like we should really do that, then at this point
>> they'd better be ready to contribute some time to help with it (in
>> practice our mirrors team went from 2 active
intrigeri:
> sajolida wrote (11 Mar 2016 16:40:08 GMT) :
>> intrigeri:
>>> I think the main advantages of requiring OpenPGP -enabled
>>> communication with mirror operators are:
>>>
>>> * We can authenticate requests sent to us by mirror operators: e.g.
>>>"please remove my mirror from the poo
hi,
sajolida wrote (11 Mar 2016 16:40:08 GMT) :
> intrigeri:
>> I think the main advantages of requiring OpenPGP -enabled
>> communication with mirror operators are:
>>
>> * We can authenticate requests sent to us by mirror operators: e.g.
>>"please remove my mirror from the pool", that coul
intrigeri:
> We'll soon be in a position to add more servers to the pool of HTTP
> mirrors that server our ISO images and IUKs. Before I publish the
> corresponding call for help, and get in touch with operators of
> potential fast mirrors (#11079), I'd like to make sure we get the
> requirements r
Hi,
u wrote (06 Mar 2016 19:03:30 GMT) :
> Encrypting would keep a veil on who of the Tails team sends which
> requests for which reasons.
I think that using Schleuder's remailing capabilities already provide
this property, and I'm not sure I follow how encryption impacts it.
>> I'm now less con
Hi,
intrigeri:
[...]
> This requirement has one clear disadvantage: it excludes some fast
> mirrors, e.g. lots of those that are run in universities (I have to
> trust people who are more in touch with operators of such candidate
> mirrors, on this one, as I have personally no idea). Also, on our
PS: If the OpenPGP requirement is removed, I'd strongly suggest at least
asking for a confirmation for significant requests (e.g. removal of a
server from the pool). The confirmation should contain a full quote of the
e-mail it is sent in reply to. That way, at least easy spoofing is
prevented. It
Hi,
the requirement to use OpenPGP encryption has been somewhat annoying for me
personally in the past, especially because it did not allow me to read
mirror-related e-mails (sometimes relatively time-critical ones) on my
smartphone. This has happened to me on vacation in another country (I don't
Hi,
We'll soon be in a position to add more servers to the pool of HTTP
mirrors that server our ISO images and IUKs. Before I publish the
corresponding call for help, and get in touch with operators of
potential fast mirrors (#11079), I'd like to make sure we get the
requirements right.
So far, w
11 matches
Mail list logo
