Comment 2 for bug 1409400

Seth Arnold (seth-arnold) wrote :

I've given the code a quick read and it does appear that the data is properly validated with GnuPG. Switching the default to HTTP would give immediate benefits to everyone with caching proxies already configured -- assuming the rest of the code will use a proxy -- while allowing a network observer to discover what is being downloaded. I don't think this is a significant risk; the images have different sizes, and traffic analysis should be sufficient to discover which images are downloaded.

Using HTTP for download may introduce new errors -- because HTTP relies only upon CRC32 for integrity checking, the possibility exists that incorrectly downloaded data will be handed to GnuPG for verification. There's no real solution except trying the download again and re-verifying. (For what it's worth, I don't believe I have ever discovered this behaviour with apt despite downloading terabytes of packages and package lists. WiFi hotspot "landing pages" being stored in apt lists happens occasionally, though, and apt utterly fails to handle that gracefully. It'd be nice if simplestreams does better.)

I think switching to HTTP is a good idea.

Thanks
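The download-verify-retry flow described in the comment above (untrusted HTTP transport, every blob checked before use, a bounded retry when the check fails), written out as an added example. This is not code from the bug report or from simplestreams. GnuPG is stood in for by an HMAC tag over a constructed demo key so the block runs offline; the function names, the canned "captive portal" and truncated responses, and the index body are all constructed for the illustration.

```python
"""Fetch-verify-retry loop for data served over plain HTTP (added example).

The transport is untrusted, so every downloaded blob must pass signature
verification before it is used; on failure the client retries a bounded
number of times rather than trusting the bytes. GnuPG verification is
replaced by a callable (HMAC stand-in below) so the example runs offline.
"""
import hashlib
import hmac
from typing import Callable, Iterator


class VerificationFailed(Exception):
    """Raised when no attempt produced data that passed verification."""


def fetch_verified(fetch: Callable[[], bytes],
                   verify: Callable[[bytes], bool],
                   max_attempts: int = 3) -> bytes:
    """Download with `fetch`, check with `verify`, retry on any failure.

    Returns the verified bytes or raises VerificationFailed after
    max_attempts failures. Unverified data is never returned to the caller.
    """
    last_error = "no attempts made"
    for attempt in range(1, max_attempts + 1):
        try:
            data = fetch()
        except OSError as exc:
            last_error = f"attempt {attempt}: fetch error: {exc}"
            continue
        if verify(data):
            return data
        # A hotspot landing page, a truncated body and a bit-flipped body
        # all end up here: the signature does not match, so try again.
        last_error = f"attempt {attempt}: signature check failed ({len(data)} bytes)"
    raise VerificationFailed(last_error)


# Stand-in for GnuPG: an HMAC tag plays the role of the detached signature.
# DEMO_KEY is a constructed value; in the real flow gpg checks a detached
# .gpg signature against the distribution's published public key.
DEMO_KEY = b"constructed-demo-key"


def sign_stand_in(data: bytes) -> bytes:
    return hmac.new(DEMO_KEY, data, hashlib.sha256).digest()


def make_verifier(expected_sig: bytes) -> Callable[[bytes], bool]:
    def verify(data: bytes) -> bool:
        return hmac.compare_digest(sign_stand_in(data), expected_sig)
    return verify


def canned_source(responses: list) -> Callable[[], bytes]:
    """Constructed HTTP stand-in that returns each canned response in turn."""
    it: Iterator[bytes] = iter(responses)

    def fetch() -> bytes:
        return next(it)
    return fetch


def demo() -> bytes:
    """Attempt 1 returns a captive-portal page, attempt 2 a truncated body,
    attempt 3 the genuine index; only the third passes verification."""
    good = b'{"products": {"example": {}}}'   # constructed index body
    sig = sign_stand_in(good)
    fetch = canned_source([b"<html>Welcome to the hotspot</html>", good[:10], good])
    return fetch_verified(fetch, make_verifier(sig))


def demo_exhausted() -> bool:
    """Three bad responses in a row: the loop gives up instead of returning
    anything unverified."""
    good = b"payload"
    sig = sign_stand_in(good)
    fetch = canned_source([b"x", b"y", b"z"])
    try:
        fetch_verified(fetch, make_verifier(sig), max_attempts=3)
    except VerificationFailed:
        return True
    return False


if __name__ == "__main__":
    print(demo())
    print("gave up on persistent corruption:", demo_exhausted())
```

The design point is that `fetch_verified` has exactly two exits: verified bytes, or an exception. Retrying is the only recovery available because the transport gives no stronger integrity guarantee than its checksum, and a landing page substituted by a hotspot fails the same check as a corrupted download, so the caller never has to special-case it.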