[JIRA] (OVIRT-1472) Add SSL to resources.ovirt.org
[
https://ovirt-jira.atlassian.net/browse/OVIRT-1472?page=com.atlassian.jir...
]
Barak Korren commented on OVIRT-1472:
-------------------------------------
Released RPMs are signed AFAIK, so there is nothing new to discuss about this, but there
is a large amount of pre-release unsigned RPMs on resources as well and also other files
which do not include built-in signing mechanisms.
Add SSL to resources.ovirt.org
------------------------------
Key: OVIRT-1472
URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1472
Project: oVirt - virtualization made easy
Issue Type: Improvement
Components: oVirt Infra
Reporter: Barak Korren
Assignee: infra
Priority: High
This was already requested in the past, not sure why we didn't follow up. We need to
allow users to D/L packages without fear of MITM attacks.
Package signing can help a little, but not everything is signed. (ISOs are not signed for
example...)
--
This message was sent by Atlassian JIRA
(v1000.1085.0#100052)