I don't think certificates are necessary here: we could permit any https without any certificate checking, and still have an improvement, with no additional dangers over using http. For example, you would remain vulnerable to DNS spoofing or man-in-the-middle problems, but you would not be subject to the exposure of secret information in packages. (There are plenty of cases where a link is sniffable but not pwnable.)
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cobbler-enlist in Ubuntu. https://bugs.launchpad.net/bugs/833994 Title: debian-installer does not support https when using with preseed files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cobbler-enlist/+bug/833994/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs