Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
GPG has been a major source of issues over the years with various attacks on the key network as well as client side issues making it hard to retrieve our keys. Back when we introduced the image server, SSL certificates were still expensive and annoying to setup, so not something we'd have expected potential mirrors to setup for us. They were also issued for multiple years, making a compromise of such a certificate quite problematic. But things have changed since, we now have completely free, very easily deployable SSL certificates everywhere with the majority of those being shortlived and with good reporting of issued certificates. With that, we can now deprecate the GPG validation, disable the fallback to non-HTTPS download and rely on our indices being accurate because they've been downloaded from a server with a valid certificate. This puts LXC more in line with what LXD has done since the beginning and should offer a more reliable user experience. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
- Loading branch information
Showing
1 changed file
with
7 additions
and
135 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters