[clamav-users] secure download of .cvd files ?
Joel Esler (jesler)
jesler at cisco.com
Fri Aug 31 11:33:30 UTC 2018
Agreed. But it wasn’t something we could support. Now we can. It that it matters, but at least we can now.
Sent from my iPhone
> On Aug 31, 2018, at 07:16, Al Varnell <alvarnell at mac.com> wrote:
>
> And the answer is the same as it was then. There is nothing to be gained by supporting https. There is nothing sensitive about the database. Each component is verified as genuine after downloaded. And the impact on the servers is less.
>
> -Al-
>
>> On Fri, Aug 31, 2018 at 04:07 AM, Arnaud Jacques wrote:
>>
>> That's why I asked in 2014 about freshclam support of SSL :
>>
>> http://lists.clamav.net/pipermail/clamav-users/2014-December/001098.html
>>
>>
>>> Le 31/08/2018 à 12:08, Al Varnell a écrit :
>>> I'm not aware of any, but all database components are verified for authenticity by freshclam after download.
>>> -Al-
>>>> On Fri, Aug 31, 2018 at 02:00 AM, Henrik Hoeg Thomsen1 wrote:
>>>> Do clamav offer a encrypted download alternative to the unencrypted http based wget used to update the signatue database?
>>>>
>>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: <http://db.local.clamav.net:4/>/daily.cvd
>>>> wget -q -m -nd -P /tmp --retry-connrefused http://db.local.clamav.net: <http://db.local.clamav.net:4/>/main.cvd
>
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list