Hi Francesco,
On 5/27/24 11:23, Francesco Dolcini wrote:
Hello Jerome,
On Fri, May 24, 2024 at 06:19:54PM +0200, Jerome Forissier wrote:
- Make the support of HTTPS in the wget command easier. Javier T. (CC'd)
has some additional lwIP and Mbed TLS patches to do so. With that it becomes possible to fetch and launch a distro installer such as Debian etc. directly from the U-Boot shell.
Why this is enabling this use case? Or it is just that currently, without TLS, is not supposed to be something you should do? I am a little bit confused reading this sentence, since to me this is already possible using tftp.
You're correct. The point I am making is about using a secure (authenticated) connection, and I should have clarified that. While using HTTPS might not be critical on a local network, things are different when downloading from the internet (think man-in-the-middle attacks). Also, many web sites are switching off HTTP in favor of HTTPS so it could be that your favorite distro becomes unavailable without it.
Thanks,