Monday, July 9, 2007

New SSL secured Apt in works for Debian/Ubuntu

As part of the new Gusty 7.10 release of Ubuntu, Apt has be upgraded to the latest 0.7.x series slated for Lenny. Some of the benefits of this new apt have already been seen in Ubuntu. The automatic dependency removal, the unattended upgrades, and the dpkg breaks field.

One upgrade in this latest series is the addition of a https transport method. This transport method should help to further increase apt's security.

Already with Etch (and many past releases of Ubuntu) secure apt has been included. Secure apt includes cryptological signed packages. These signed packages ensure that they are the ones the developers compiled, ensuring security. This was a major step forward in apt security.

The addition of the apt-transport-https package allows for ssl secured communication between the webserver and the apt client. Now with secure apt ensuring that the packages are what they say they are, and https secured communication, the entire debian/ubuntu package stack is more secure.

Secure Apt
Apt 0.7.0 Changes
Debian: apt-transport-https
Ubuntu: apt-transport-https

No comments: