GNU bug report logs - #33825
25.2; Failing to verify signature for ELPA debbugs package

Previous Next

Package: emacs;

Reported by: clemera <clemens.radermacher <at> posteo.de>

Date: Fri, 21 Dec 2018 16:22:01 UTC

Severity: normal

Tags: patch

Found in version 25.2

Done: Stefan Kangas <stefan <at> marxist.se>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Clemens Radermacher <clemens.radermacher <at> posteo.de>
To: 33825 <at> debbugs.gnu.org
Cc: rpluim <at> gmail.com
Subject: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Sun, 30 Dec 2018 13:34:09 +0100

On 30.12.18 13:12, Robert Pluim wrote:

> There are 'transparent' proxies which will untar archives and then
> retar them, resulting in a file that fails signature verification even
> though the contents are identical. When you then repeat the download,
> the proxy knows it has previously inspected the file, and thus lets
> through the original. Using https solves this issue 99% of the time.

That's interesting thanks! For GNU ELPA I use http indeed, because I rely on Emacs 
taking care of the verification. I don't understand why those proxies should 
unpack archives though, is that for filtering purposes?

-- 
Clemens

This bug report was last modified 5 years and 243 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #33825 25.2; Failing to verify signature for ELPA debbugs package

GNU bug report logs - #33825
25.2; Failing to verify signature for ELPA debbugs package