[PVE-User] HTTPS for download.proxmox.com

Frank Thommen frank.thommen at uni-heidelberg.de
Thu Nov 30 15:45:19 CET 2017


On 11/30/2017 03:11 PM, lemonnierk at ulrar.net wrote:
> This is dumb. I agree that it wouldn't cost them anything to setup
> HTTPS, but I also agree that it is useless. The packages are signed and
> apt already checks the signature, HTTPS wouldn'd add anything at all.

Not true: It gives you the certainty to be connected to the "real" 
proxmox page and not a fake page, e.g. by being redirected through a 
hacked nameserver or local resolver.

And afaik, those using the community version don't have access to the 
enterprise repos.

frank



>
> Unless you want to hide the fact that you are installing proxmox itself,
> but the connection to proxmox's repo itself gives that away.
>
> On Thu, Nov 30, 2017 at 03:01:53PM +0100, John Crisp wrote:
>> On 30/11/17 14:34, Dietmar Maurer wrote:
>>>> On 11/30/2017 02:21 PM, Dietmar Maurer wrote:
>>>>>> I greatly respect the work you do on Proxmox but this specific response
>>>>>> is under your habitual standards from a security standpoint.
>>>>>
>>>>> Exactly. That is why we provide the enterprise repository.
>>>>
>>>> IMHO the times where security and confidentiality (https) are limited to
>>>> enterprise/paid services are long gone.  As the OP noted, https comes at
>>>> no cost and there is no reason not to have it configured.  I'd even say,
>>>> that https is mandatory for every site publishing more than just
>>>> personal statements.
>>>
>>> Again, please use the enterprise repository if you want https.
>>>
>>
>> <shakes head in disbelief>
>>
>
>
>
>
>> _______________________________________________
>> pve-user mailing list
>> pve-user at pve.proxmox.com
>> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>

-- 
Frank Thommen          | HD-HuB / DKFZ Heidelberg
                        | frank.thommen at uni-heidelberg.de
                        | MMK:  +49-6221-54-3637 (Mo-Mi, Fr)
                        | IPMB: +49-6221-54-5823 (Do)


More information about the pve-user mailing list