[PATCH v2 00/14] Introduce the lwIP network stack
Jerome Forissier
jerome.forissier at linaro.org
Mon May 27 11:36:26 CEST 2024
Hi Francesco,
On 5/27/24 11:23, Francesco Dolcini wrote:
> Hello Jerome,
>
> On Fri, May 24, 2024 at 06:19:54PM +0200, Jerome Forissier wrote:
>> - Make the support of HTTPS in the wget command easier. Javier T. (CC'd)
>> has some additional lwIP and Mbed TLS patches to do so. With that it
>> becomes possible to fetch and launch a distro installer such as Debian
>> etc. directly from the U-Boot shell.
>
> Why this is enabling this use case? Or it is just that currently,
> without TLS, is not supposed to be something you should do?
> I am a little bit confused reading this sentence, since to me this is
> already possible using tftp.
You're correct. The point I am making is about using a secure
(authenticated) connection, and I should have clarified that. While using
HTTPS might not be critical on a local network, things are different when
downloading from the internet (think man-in-the-middle attacks). Also,
many web sites are switching off HTTP in favor of HTTPS so it could be
that your favorite distro becomes unavailable without it.
Thanks,
--
Jerome
>
> Francesco
>
More information about the U-Boot
mailing list