[PATCH v2 00/14] Introduce the lwIP network stack

Jerome Forissier jerome.forissier at linaro.org
Mon May 27 11:36:26 CEST 2024


Hi Francesco,


On 5/27/24 11:23, Francesco Dolcini wrote:
> Hello Jerome,
> 
> On Fri, May 24, 2024 at 06:19:54PM +0200, Jerome Forissier wrote:
>> - Make the support of HTTPS in the wget command easier. Javier T. (CC'd)
>> has some additional lwIP and Mbed TLS patches to do so. With that it
>> becomes possible to fetch and launch a distro installer such as Debian
>> etc. directly from the U-Boot shell.
> 
> Why this is enabling this use case? Or it is just that currently,
> without TLS, is not supposed to be something you should do?
> I am a little bit confused reading this sentence, since to me this is
> already possible using tftp.

You're correct. The point I am making is about using a secure
(authenticated) connection, and I should have clarified that. While using
HTTPS might not be critical on a local network, things are different when
downloading from the internet (think man-in-the-middle attacks). Also,
many web sites are switching off HTTP in favor of HTTPS so it could be
that your favorite distro becomes unavailable without it.

Thanks,
-- 
Jerome

> 
> Francesco
> 


More information about the U-Boot mailing list