[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
|
From: |
Clemens Radermacher |
|
Subject: |
bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package |
|
Date: |
Sun, 30 Dec 2018 13:34:09 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 |
On 30.12.18 13:12, Robert Pluim wrote:
> There are 'transparent' proxies which will untar archives and then
> retar them, resulting in a file that fails signature verification even
> though the contents are identical. When you then repeat the download,
> the proxy knows it has previously inspected the file, and thus lets
> through the original. Using https solves this issue 99% of the time.
That's interesting thanks! For GNU ELPA I use http indeed, because I rely on
Emacs
taking care of the verification. I don't understand why those proxies should
unpack archives though, is that for filtering purposes?
--
Clemens