[Gajim-devel] improve debian repo trustworthiness / ftp.gajim.org TLS issues

Yann Leboulanger asterix at lagaule.org
Mon Jan 25 22:11:20 CET 2016

On 01/25/2016 04:13 PM, Arian Sanusi wrote:
> Hi all,
> gajim.org main website has adequate TLS support, hence the source tarball is trustworthy/secured against in-transport modification. However, the debian/ubuntu repo and other things hosted at ftp.gajim.org are not:
> * https://ftp.gajim.org serves a *.leboulanger.org CACert Cert, directory  listing empty, no debian repo at https://ftp.gajim.org/debian
> * ftpes://ftp.gajim.org serves an
> * ftp://ftp.gajim.org is unsecured ftp, obviously
> I'd encourage you to also serve https://ftp.gajim.org/debian and link the gajim-dev-keyring.deb directly on
> https://gajim.org/downloads.php?lang=en#debian Also switch ftp.gajim.org to letsencrypt as you did with the main site.
> I tried to post this as enhancement on trac.gajim.org, but got rejected as spam, due to Bayes filter and http in body.


All is now done.


More information about the Gajim-devel mailing list