List:       debian-devel
Subject:    Re: Q: Use https for {deb,security}.debian.org by default
From:       Tomas Pospisek <tpo2 () sourcepole ! ch>
Date:       2021-08-21 7:45:54
Message-ID: 84ebaa85-c487-3c46-820f-6a6e77ae7c94 () sourcepole ! ch

On 21.08.21 09:14, Philipp Kern wrote:
> On 20.08.21 21:11, Russ Allbery wrote:
>> The way I would put it is that the security benefit of using TLS for apt
>> updates is primarily that it makes certain classes of attempts to mess
>> with the update channel more noisy and more likely to produce immediate
>> errors.
> One thing of note is that it introduces a time dependency on the client. 
> Now we seem to gravitate towards a world where you'd also fail DNS 
> resolution if your time is wrong (because you cannot get at the 
> DNS-over-TLS/HTTPS server), so this is probably accepted as not making 
> things worse overall. I guess we could have some (somewhat insecure) 
> defense in depth if we wanted to, but maybe the world just agreed that 
> you need to get your clock roughly correct. ;-)

I remember seeing apt-get refusing to update packages or the index 
because of them "having timestamps in the future", or, in other words, 
the system time being out of sync in the direction of the past.

So we already have the situation that system time **must not** be off 
into the past by some delta in order to be able to do updates **at all**.

This is from memory, so if anybody cares about this argument it 
should maybe be confirmed more thoroughly.
*t
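The clock dependency discussed in this thread, shown as an added example that is not part of the original message and not apt's or Debian's code: it parses the `Date` and `Valid-Until` fields of a constructed APT `Release` header and classifies what a client with a given system clock would conclude (metadata "from the future" when the clock is behind, "expired" when the clock is ahead or the metadata is genuinely stale), and applies the same classifier to a constructed TLS certificate validity window so both failure directions can be compared side by side. The `Release` text, the certificate window and the `tolerance` parameter are assumptions made for the example.

```python
"""Diagnose clock skew against repository metadata and a TLS validity window.

Added example, not apt's or Debian's code.  The sample Release header and
certificate window below are constructed for illustration.
"""
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed sample: the header portion of an APT Release file (not a real one).
SAMPLE_RELEASE = """\
Origin: Debian
Label: Debian-Security
Suite: stable-security
Date: Sat, 21 Aug 2021 07:00:00 UTC
Valid-Until: Sat, 28 Aug 2021 07:00:00 UTC
Architectures: amd64
"""

# Constructed sample: a hypothetical mirror certificate's notBefore/notAfter.
SAMPLE_CERT_WINDOW = (
    datetime(2021, 7, 1, tzinfo=timezone.utc),
    datetime(2021, 9, 29, tzinfo=timezone.utc),
)


def parse_release_window(text):
    """Return (date, valid_until) from a Release header as aware datetimes.

    valid_until is None when the repository does not publish Valid-Until.
    """
    fields = {}
    for line in text.splitlines():
        # Top-level "Key: value" lines only; continuation lines start with a space.
        if ":" in line and not line.startswith(" "):
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
    date = parsedate_to_datetime(fields["Date"])
    valid_until = None
    if "Valid-Until" in fields:
        valid_until = parsedate_to_datetime(fields["Valid-Until"])
    return date, valid_until


def classify(now, not_before, not_after, tolerance=timedelta(0)):
    """Place `now` relative to a validity window, allowing `tolerance` of skew.

    "future"  -> the artefact claims a time later than the client clock
                 (client clock behind, or a bogus timestamp).
    "expired" -> the artefact's end of validity is already past
                 (client clock ahead, or genuinely stale data).
    "ok"      -> inside the window.
    """
    if now + tolerance < not_before:
        return "future"
    if not_after is not None and now - tolerance > not_after:
        return "expired"
    return "ok"


def check_release(text, now, tolerance=timedelta(0)):
    """Classify a Release header against the client clock `now`."""
    date, valid_until = parse_release_window(text)
    return classify(now, date, valid_until, tolerance)


def check_cert(window, now, tolerance=timedelta(0)):
    """Classify a (notBefore, notAfter) certificate window against `now`."""
    not_before, not_after = window
    return classify(now, not_before, not_after, tolerance)


def diagnose(now, release_text=SAMPLE_RELEASE, cert_window=SAMPLE_CERT_WINDOW):
    """Return both verdicts so the two time dependencies can be compared."""
    return {
        "release": check_release(release_text, now),
        "tls": check_cert(cert_window, now),
    }


if __name__ == "__main__":
    # Three constructed client clocks: behind, correct, and far ahead.
    for label, clock in [
        ("clock behind (Aug 2021, 20th)", datetime(2021, 8, 20, tzinfo=timezone.utc)),
        ("clock correct (Aug 2021, 22nd)", datetime(2021, 8, 22, tzinfo=timezone.utc)),
        ("clock ahead (Oct 2021)", datetime(2021, 10, 5, tzinfo=timezone.utc)),
    ]:
        print(f"{label}: {diagnose(clock)}")
```

The point the example makes is that a signed `Release` file already imposes a validity window on the client clock independent of the transport, while a TLS certificate adds a second, separately published window; a clock that is wrong in either direction trips one of them, and a small `tolerance` is the only knob a client has short of fixing the clock.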