References: https://lists.debian.org/debian-l10n-english/2018/01/msg00002.htmltags/devuan/2.0.1+devuan1
@@ -35,30 +35,30 @@ most used of all transports. Note that a transport is never called directly by | |||
a user but used by APT tools based on user configuration.</para> | |||
<para>HTTP is an unencrypted transport protocol meaning that the | |||
whole communication with the remote server (or proxy) can be observed by a | |||
sufficiently capable attacker referred to commonly as man in the middle (MITM). | |||
Such an attacker can <emphasis>not</emphasis> modify the communication to compromise | |||
the security of your system through as APTs data security model is independent of the | |||
chosen transport method. This is explained in detail in &apt-secure;. An overview over | |||
sufficiently capable attacker commonly referred to as a "man in the middle" (MITM). | |||
However, such an attacker can <emphasis>not</emphasis> modify the communication to compromise | |||
the security of your system, as APT's data security model is independent of the | |||
chosen transport method. This is explained in detail in &apt-secure;. An overview of | |||
available transport methods is given in &sources-list;.</para> | |||
</refsect1> | |||
<refsect1><title>Options</title> | |||
<para>Various options are available to modify its behaviour which can be set in | |||
an &apt-conf; file ranging from proxy configuration to workaround for specific | |||
server insufficiencies.</para> | |||
<para>Various options can be set in an &apt-conf; file to modify its behavior, | |||
ranging from proxy configuration to workarounds for specific | |||
server limitations.</para> | |||
<refsect2><title>Proxy Configuration</title> | |||
<para>The environment variable <envar>http_proxy</envar> is supported for system wide configuration. | |||
Proxies specific to apt can be configured via the option <literal>Acquire::http::Proxy</literal>. | |||
Proxies specific to APT can be configured via the option <literal>Acquire::http::Proxy</literal>. | |||
Proxies which should be used only for certain hosts can be specified via | |||
<literal>Acquire::http::Proxy::<replaceable>host</replaceable></literal>. Even more finegrained control | |||
can be achieved via proxy autodetection detailed further below. | |||
can be achieved via proxy autodetection, detailed further below. | |||
All these options use the URI format <literal><replaceable>scheme</replaceable>://[[<replaceable>user</replaceable>][:<replaceable>pass</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/</literal>. | |||
Supported URI schemes are <literal>socks5h</literal> (SOCKS5 with remote DNS resolution), <literal>http</literal> and <literal>https</literal>. | |||
Authentification details can be supplied via &apt-authconf; instead of including it in the URI directly.</para> | |||
Authentication details can be supplied via &apt-authconf; instead of including it in the URI directly.</para> | |||
<para>The various APT configuration options support the special value <literal>DIRECT</literal> meaning that | |||
no proxy should be used. The environment variable <envar>no_proxy</envar> with the same propose is also supported.</para> | |||
<para>Further more there are three settings provided for cache control with HTTP/1.1 compliant proxy caches: | |||
no proxy should be used. The environment variable <envar>no_proxy</envar> is also supported for the same purpose.</para> | |||
<para>Furthermore, there are three settings provided for cache control with HTTP/1.1 compliant proxy caches: | |||
<literal>Acquire::http::No-Cache</literal> tells the proxy not to use its | |||
cached response under any circumstances. | |||
<literal>Acquire::http::Max-Age</literal> sets the allowed maximum age (in | |||
@@ -70,8 +70,8 @@ the proxy from polluting its cache with (big) .deb files.</para> | |||
<refsect2><title>Automatic Proxy Configuration</title> | |||
<para><literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to | |||
specify an external command to discover the http proxy to use. The first | |||
and only parameter is an URI denoting the host to be contacted to allow | |||
specify an external command to discover the HTTP proxy to use. The first | |||
and only parameter is a URI denoting the host to be contacted, to allow | |||
for host-specific configuration. APT expects the command to output the | |||
proxy on stdout as a single line in the previously specified URI format | |||
or the word <literal>DIRECT</literal> if no proxy should be used. No output | |||
@@ -93,8 +93,8 @@ disables downloading from multiple servers at the same time.</para> | |||
<para>The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used to | |||
enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be beneficial e.g. on | |||
high-latency connections. It specifies how many requests are sent in a pipeline. | |||
APT tries to detect and workaround misbehaving webservers and proxies at runtime, but | |||
if you know that yours does not conform to the HTTP/1.1 specification pipelining can | |||
APT tries to detect and work around misbehaving webservers and proxies at runtime, but | |||
if you know that yours does not conform to the HTTP/1.1 specification, pipelining can | |||
be disabled by setting the value to 0. It is enabled by default with the value 10.</para> | |||
<para><literal>Acquire::http::AllowRedirect</literal> controls whether APT will follow | |||
redirects, which is enabled by default.</para> | |||
@@ -102,7 +102,7 @@ redirects, which is enabled by default.</para> | |||
User-Agent for the http download method as some proxies allow access for clients | |||
only if the client uses a known identifier.</para> | |||
<para><literal>Acquire::http::SendAccept</literal> is enabled by default and | |||
sends a <literal>Accept: text/*</literal> header field to the server for | |||
sends an <literal>Accept: text/*</literal> header field to the server for | |||
requests without file extensions to prevent the server from attempting content | |||
negotiation.</para> | |||
</refsect2> | |||
@@ -30,21 +30,21 @@ | |||
<refsect1><title>Description</title> | |||
<para>This APT transport allows the use of repositories accessed via the | |||
HTTP Secure protocol (HTTPS) also referred to as HTTP over TLS. It is available | |||
by default since apt 1.5 and was before that available in a <package>apt-transport-https</package> | |||
package. Note that a transport is never called directly by | |||
HTTP Secure protocol (HTTPS), also referred to as HTTP over TLS. It is available | |||
by default since apt 1.5 and was available before that in the package | |||
<package>apt-transport-https</package>. Note that a transport is never called directly by | |||
a user but used by APT tools based on user configuration.</para> | |||
<para>HTTP is by itself an unencrypted transport protocol (compare &apt-transport-http;), | |||
which, as indicated by the appended S is wrapped in an encrypted layer known as | |||
Transport Layer Security (TLS) which provides end-to-end encryption. | |||
which, as indicated by the appended S, is wrapped in an encrypted layer known as | |||
Transport Layer Security (TLS) to provide end-to-end encryption. | |||
A sufficiently capable attacker can still observe the communication partners | |||
and deeper analyse of the encrypted communcation might still reveal important details. | |||
An overview over available alternative transport methods is given in &sources-list;.</para> | |||
</refsect1> | |||
<refsect1><title>Options</title> | |||
<para>The HTTPS protocol is based on the HTTP protocol and as such this implementation | |||
has the same relation meaning that all options supported by &apt-transport-http; are also | |||
<para>The HTTPS protocol is based on the HTTP protocol, so | |||
all options supported by &apt-transport-http; are also | |||
available via <literal>Acquire::https</literal> and will default to the same values specified | |||
for <literal>Acquire::http</literal>. This manpage will only document the options | |||
<emphasis>unique to https</emphasis>.</para> | |||
@@ -55,26 +55,26 @@ for <literal>Acquire::http</literal>. This manpage will only document the option | |||
the server certificate. An alternative certificate authority (CA) can be | |||
configured with the <literal>Acquire::https::CAInfo</literal> option and its | |||
host-specific option <literal>Acquire::https::CAInfo::<replaceable>host</replaceable></literal>. | |||
The option specifies a file is made of the concatenation of the CA certificates | |||
(in PEM format) creating the chain used for the verification of the path | |||
from the root (self signed one). If the remote server provides the | |||
The CAInfo option specifies a file made up of CA certificates (in PEM format) | |||
concatenated together to create the chain which APT should use to verify the | |||
path from your self-signed root certificate. If the remote server provides the | |||
whole chain during the exchange, the file need only contain the root | |||
certificate. Otherwise, the whole chain is required. If you need to support | |||
multiple authorities, the only way is to concatenate everything.</para> | |||
<para>A custom certificate revocation list (CRL) can be configured with the options | |||
<literal>Acquire::https::CRLFile</literal> and | |||
<literal>Acquire::https::CRLFile::<replaceable>host</replaceable></literal> respectively. | |||
Like the previous option a file in PEM format needs to be specified.</para> | |||
<literal>Acquire::https::CRLFile::<replaceable>host</replaceable></literal>. | |||
As with the previous option, a file in PEM format needs to be specified.</para> | |||
</refsect2> | |||
<refsect2><title>Disabling security</title> | |||
<para>When authenticating the server, if the certificate verification fails | |||
for some reason (expired, revoked, man in the middle, …), the connection fails. | |||
<para>During server authentication, if certificate verification fails | |||
for some reason (expired, revoked, man in the middle, etc.), the connection fails. | |||
This is obviously what you want in all cases and what the default value (true) | |||
of the option <literal>Acquire::https::Verify-Peer</literal> and its host-specific | |||
variant provides. If you know <emphasis>exactly</emphasis> what you are doing, | |||
setting this option to "false" allows you to skip peer certificate verification and | |||
make the exchange succeed. Again, this option is for debugging or testing purpose | |||
setting this option to "<literal>false</literal>" allows you to skip peer certificate verification and | |||
make the exchange succeed. Again, this option is for debugging or testing purposes | |||
only as it removes all security provided by the use of HTTPS.</para> | |||
<para>Similarly the option <literal>Acquire::https::Verify-Host</literal> and its | |||
host-specific variant can be used to deactivate a security feature: The certificate | |||
@@ -83,13 +83,13 @@ DNS name used to access it. By default, as requested by RFC 2818, the name of th | |||
mirror is checked against the identity found in the certificate. This default behavior | |||
is safe and should not be changed, but if you know that the server you are using has a | |||
DNS name which does not match the identity in its certificate, you can set the option to | |||
"false", which will prevent the comparison to be done.</para> | |||
"<literal>false</literal>", which will prevent the comparison from being performed.</para> | |||
</refsect2> | |||
<refsect2><title>Client authentication</title> | |||
<para>Beside the password based authentication available (see &apt-authconf;) HTTPS supports | |||
authentication based on client certificates as well via <literal>Acquire::https::SSLCert</literal> | |||
and <literal>Acquire::https::SSLKey</literal>. They respectively should be set to the filename of | |||
<para>Besides supporting password-based authentication (see &apt-authconf;) HTTPS also supports | |||
authentication based on client certificates via <literal>Acquire::https::SSLCert</literal> | |||
and <literal>Acquire::https::SSLKey</literal>. These should be set respectively to the filename of | |||
the X.509 client certificate and the associated (unencrypted) private key, both in PEM format. | |||
In practice the use of the host-specific variants of both options is highly recommended.</para> | |||
</refsect2> | |||
@@ -31,44 +31,44 @@ | |||
<refsect1><title>Description</title> | |||
<para>This APT transport isn't implementing a protocol to access local or remote repositories | |||
on its own, but acquires a mirrorlist and redirects all requests to the mirror(s) picked from | |||
this list access via other transports like &apt-transport-http;. The basic functionality is | |||
available since apt 0.7.24, but was undocumented until apt 1.6 which contained a complete | |||
this list, accessing them via other transports like &apt-transport-http;. The basic functionality has | |||
been available since apt 0.7.24, but was undocumented until apt 1.6 which contained a complete | |||
rework of the transport and its supported features. Note that a transport is never called directly | |||
by a user but used by APT tools based on user configuration.</para> | |||
<para>If the acquisition of a file via a mirror fails the method ensures that automatically | |||
another possible mirror of the list is tried until either the file is retrieved or no mirror is | |||
left in the list handling transparently server downtimes and similar problems.</para> | |||
<para>The security implications of the transport are based on the security considerations | |||
<para>If the acquisition of a file via a mirror fails, the method ensures that another possible mirror | |||
from the list is automatically tried until either the file is retrieved or no mirror is | |||
left in the list, transparently handling server downtimes and similar problems.</para> | |||
<para>The security implications of the transport depend on the security considerations | |||
associated with the transport used to acquire the mirrorlist and the transports involved in | |||
accessing the chosen mirror(s) by the transport.</para> | |||
</refsect1> | |||
<refsect1><title>Options</title> | |||
<para>This transport has no configuration options at present. The mirror selection is | |||
based entirely on the mirrors offered in the mirrorlist and the files apt needs to | |||
based entirely on the mirrors offered in the mirrorlist and the files APT needs to | |||
acquire.</para> | |||
<refsect2><title>Mirrorlist format</title> | |||
<para>A mirrorlist contains at least one line each specifying an URI for a mirror. | |||
Empty lines and those starting with a hash key (<literal>#</literal>) are ignored. | |||
An URI always starts with a URI scheme which defines the transport used for this | |||
mirror. If the URI e.g. starts with <literal>http:</literal> the responsible transport | |||
<para>A mirrorlist contains one or more lines each specifying a URI for a mirror. | |||
Empty lines and those starting with a hash character (<literal>#</literal>) are ignored. | |||
A URI always starts with a URI scheme which defines the transport used for this | |||
mirror. If for example the URI starts with <literal>http:</literal>, the responsible transport | |||
is &apt-transport-http; which might have specific requirements for the format of | |||
the remaining part of the URI.</para> | |||
<para>An URI can optionally be separated from metadata about the mirror by a tab. | |||
Multiple datapoints in the provided metadata can itself be separated by spaces for tabs. | |||
<para>Metadata about a mirror can be given on the same line, separated from the URI by a tab. | |||
Multiple items of metadata can themselves be separated by either tabs or spaces. | |||
(This is an advanced feature only available with apt >= 1.6. Earlier apt versions will | |||
fail to parse mirrorlists using this feature)</para> | |||
<para>Since apt 1.6 the usage of compressed mirrorlists is also supported. | |||
Note that the filename of the mirrorlist must specify the compression algorithm used, | |||
there is no auto-detection based on file content performed.</para> | |||
fail to parse mirrorlists using this feature.)</para> | |||
<para>Since apt 1.6 the use of compressed mirrorlists is also supported. | |||
Note that the filename of the mirrorlist must specify the compression algorithm used; | |||
there is no auto-detection based on file contents.</para> | |||
</refsect2> | |||
<refsect2><title>Mirror selection by metadata</title> | |||
<para>As specified in the format a mirror can have additional metadata attached to | |||
<para>As specified in the format, a mirror can have additional metadata attached to | |||
prevent a mirror from being selected for acquiring a file not matching this metadata. | |||
This way the mirrorlist can e.g. contain partial mirrors serving only certain | |||
architectures and apt will automatically choose a different mirror for files requiring | |||
architectures and APT will automatically choose a different mirror for files requiring | |||
an unlisted architecture. Supported are limits for the architecture (<literal>arch</literal>), | |||
codename of the release (<literal>codename</literal>), component of the repository | |||
the file is in (<literal>component</literal>), language the file applies to (<literal>lang</literal>), | |||
@@ -76,18 +76,18 @@ suite name of the release (<literal>suite</literal>) and type of the file (<lite | |||
</refsect2> | |||
<refsect2><title>Fallback order for mirrors</title> | |||
<para>If no priority is given via the metadata key <literal>priority</literal> for a | |||
mirror the order in which mirrors are contacted is random. If a certain set of mirrors | |||
should be tried first before any of another set is tried a priority can be explicitly | |||
<para>If no priority is given for a mirror via the metadata key <literal>priority</literal>, | |||
the order in which mirrors are contacted is random. If a certain set of mirrors | |||
should be tried first before any of another set is tried, a priority can be explicitly | |||
set. The mirrors with the lowest number are tried first. Mirrors which have no explicit | |||
priority set default to the highest possible number and are therefore tried last. The | |||
choice between mirrors with the same priority is again random.</para> | |||
</refsect2> | |||
<refsect2><title>Allowed transports in a mirrorlist</title> | |||
<para>The availability and choice of transports in a mirrorlist is limited by how the apt | |||
<para>The availability and choice of transports in a mirrorlist is limited by how the APT | |||
client is accessing the mirrorlist. If a local transport like <literal>file</literal> | |||
or <literal>copy</literal> is used the mirrorlist can also include local sources while a | |||
or <literal>copy</literal> is used, the mirrorlist can also include local sources, while a | |||
mirrorlist accessed via <literal>http</literal> can not. Additionally, a mirrorlist can | |||
not contain a mirrorlist or other wrapping transports (like <package>apt-transport-tor</package>). | |||
See the documentation of these transports on how to use them with the mirror method.</para> | |||
@@ -109,9 +109,9 @@ on your machine it can be used like this in &sources-list; (since apt 1.6):</par | |||
<literallayout> | |||
deb mirror+file:/etc/apt/mirrorlist.txt &debian-stable-codename; main | |||
</literallayout> | |||
<para>All versions of the mirror method support a mirrorlist accessible via http, so assuming | |||
<para>All versions of the mirror method support a mirrorlist accessible via HTTP, so assuming | |||
it is available at <literal>http://apt.example.org/mirror.lst</literal> the sources.list entry | |||
from above could be written instead as:</para> | |||
from above could instead be written as:</para> | |||
<literallayout> | |||
deb mirror://apt.example.org/mirror.lst &debian-stable-codename; main | |||
</literallayout> | |||
@@ -120,10 +120,10 @@ be preferred over <literal>mirror</literal> for uniformity. The functionality is | |||
</refsect2> | |||
<refsect2><title>Example with metadata-enhanced mirror selection</title> | |||
<para>As explained in the format definition apt versions before 1.6 do not support this and | |||
will fail parsing the mirrorlist. The example mirrorlist is proposefully complicated to show some | |||
aspects of the selection. The following setup is assumed: The first mirror is local mirror | |||
will fail parsing the mirrorlist. The example mirrorlist is intentionally complicated to show some | |||
aspects of the selection. The following setup is assumed: The first mirror is a local mirror | |||
accessible via the file method, but potentially incomplete. The second mirror has a great | |||
connection, but is a partial mirror in sofar as it only contains files related | |||
connection, but is a partial mirror insofar as it only contains files related | |||
to the architectures <literal>amd64</literal> and <literal>all</literal>. The remaining mirrors | |||
are average mirrors which should be contacted only if the earlier ones didn't work. | |||
</para> | |||
@@ -136,8 +136,8 @@ https://deb.debian.org/debian/ | |||
</literallayout> | |||
<para>In this setup with this mirrorlist the first mirror will be used to download all | |||
index files assuming the mirrorlist itself is accessed via a local transport like | |||
<literal>file</literal>. If it isn't, the mirror is otherwise inaccessible or does not | |||
contain the requested file another mirror will be used to acquire the file, which one | |||
<literal>file</literal>. If it isn't, if the mirror is otherwise inaccessible or if it does not | |||
contain the requested file another mirror will be used to acquire the file, chosen | |||
depending on the type of the file: An index file will be served by the last | |||
mirror in the list, while a package of architecture <literal>amd64</literal> is served by | |||
the second and those of e.g. architecture <literal>i386</literal> by one of the last three.</para> | |||
@@ -7,7 +7,7 @@ msgid "" | |||
msgstr "" | |||
"Project-Id-Version: apt-doc 1.6~alpha6\n" | |||
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" | |||
"POT-Creation-Date: 2018-01-04 00:04+0100\n" | |||
"POT-Creation-Date: 2018-01-17 19:04+0100\n" | |||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" | |||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" | |||
"Language-Team: LANGUAGE <LL@li.org>\n" | |||
@@ -6976,20 +6976,20 @@ msgstr "" | |||
msgid "" | |||
"HTTP is an unencrypted transport protocol meaning that the whole " | |||
"communication with the remote server (or proxy) can be observed by a " | |||
"sufficiently capable attacker referred to commonly as man in the middle " | |||
"(MITM). Such an attacker can <emphasis>not</emphasis> modify the " | |||
"communication to compromise the security of your system through as APTs data " | |||
"security model is independent of the chosen transport method. This is " | |||
"explained in detail in &apt-secure;. An overview over available transport " | |||
"sufficiently capable attacker commonly referred to as a \"man in the " | |||
"middle\" (MITM). However, such an attacker can <emphasis>not</emphasis> " | |||
"modify the communication to compromise the security of your system, as APT's " | |||
"data security model is independent of the chosen transport method. This is " | |||
"explained in detail in &apt-secure;. An overview of available transport " | |||
"methods is given in &sources-list;." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"Various options are available to modify its behaviour which can be set in an " | |||
"&apt-conf; file ranging from proxy configuration to workaround for specific " | |||
"server insufficiencies." | |||
"Various options can be set in an &apt-conf; file to modify its behavior, " | |||
"ranging from proxy configuration to workarounds for specific server " | |||
"limitations." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -7001,16 +7001,16 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"The environment variable <envar>http_proxy</envar> is supported for system " | |||
"wide configuration. Proxies specific to apt can be configured via the " | |||
"wide configuration. Proxies specific to APT can be configured via the " | |||
"option <literal>Acquire::http::Proxy</literal>. Proxies which should be " | |||
"used only for certain hosts can be specified via " | |||
"<literal>Acquire::http::Proxy::<replaceable>host</replaceable></literal>. " | |||
"Even more finegrained control can be achieved via proxy autodetection " | |||
"Even more finegrained control can be achieved via proxy autodetection, " | |||
"detailed further below. All these options use the URI format " | |||
"<literal><replaceable>scheme</replaceable>://[[<replaceable>user</replaceable>][:<replaceable>pass</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/</literal>. " | |||
"Supported URI schemes are <literal>socks5h</literal> (SOCKS5 with remote DNS " | |||
"resolution), <literal>http</literal> and <literal>https</literal>. " | |||
"Authentification details can be supplied via &apt-authconf; instead of " | |||
"Authentication details can be supplied via &apt-authconf; instead of " | |||
"including it in the URI directly." | |||
msgstr "" | |||
@@ -7019,14 +7019,14 @@ msgstr "" | |||
msgid "" | |||
"The various APT configuration options support the special value " | |||
"<literal>DIRECT</literal> meaning that no proxy should be used. The " | |||
"environment variable <envar>no_proxy</envar> with the same propose is also " | |||
"supported." | |||
"environment variable <envar>no_proxy</envar> is also supported for the same " | |||
"purpose." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"Further more there are three settings provided for cache control with " | |||
"Furthermore, there are three settings provided for cache control with " | |||
"HTTP/1.1 compliant proxy caches: <literal>Acquire::http::No-Cache</literal> " | |||
"tells the proxy not to use its cached response under any circumstances. " | |||
"<literal>Acquire::http::Max-Age</literal> sets the allowed maximum age (in " | |||
@@ -7045,8 +7045,8 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to specify " | |||
"an external command to discover the http proxy to use. The first and only " | |||
"parameter is an URI denoting the host to be contacted to allow for " | |||
"an external command to discover the HTTP proxy to use. The first and only " | |||
"parameter is a URI denoting the host to be contacted, to allow for " | |||
"host-specific configuration. APT expects the command to output the proxy on " | |||
"stdout as a single line in the previously specified URI format or the word " | |||
"<literal>DIRECT</literal> if no proxy should be used. No output indicates " | |||
@@ -7104,9 +7104,9 @@ msgid "" | |||
"The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used to " | |||
"enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be beneficial " | |||
"e.g. on high-latency connections. It specifies how many requests are sent in " | |||
"a pipeline. APT tries to detect and workaround misbehaving webservers and " | |||
"a pipeline. APT tries to detect and work around misbehaving webservers and " | |||
"proxies at runtime, but if you know that yours does not conform to the " | |||
"HTTP/1.1 specification pipelining can be disabled by setting the value to " | |||
"HTTP/1.1 specification, pipelining can be disabled by setting the value to " | |||
"0. It is enabled by default with the value 10." | |||
msgstr "" | |||
@@ -7129,7 +7129,7 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::SendAccept</literal> is enabled by default and sends " | |||
"a <literal>Accept: text/*</literal> header field to the server for requests " | |||
"an <literal>Accept: text/*</literal> header field to the server for requests " | |||
"without file extensions to prevent the server from attempting content " | |||
"negotiation." | |||
msgstr "" | |||
@@ -7168,19 +7168,18 @@ msgstr "" | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"This APT transport allows the use of repositories accessed via the HTTP " | |||
"Secure protocol (HTTPS) also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was before that available in a " | |||
"<package>apt-transport-https</package> package. Note that a transport is " | |||
"never called directly by a user but used by APT tools based on user " | |||
"configuration." | |||
"Secure protocol (HTTPS), also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was available before that in the package " | |||
"<package>apt-transport-https</package>. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"HTTP is by itself an unencrypted transport protocol (compare " | |||
"&apt-transport-http;), which, as indicated by the appended S is wrapped in " | |||
"an encrypted layer known as Transport Layer Security (TLS) which provides " | |||
"&apt-transport-http;), which, as indicated by the appended S, is wrapped in " | |||
"an encrypted layer known as Transport Layer Security (TLS) to provide " | |||
"end-to-end encryption. A sufficiently capable attacker can still observe " | |||
"the communication partners and deeper analyse of the encrypted communcation " | |||
"might still reveal important details. An overview over available " | |||
@@ -7190,9 +7189,8 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"The HTTPS protocol is based on the HTTP protocol and as such this " | |||
"implementation has the same relation meaning that all options supported by " | |||
"&apt-transport-http; are also available via " | |||
"The HTTPS protocol is based on the HTTP protocol, so all options supported " | |||
"by &apt-transport-http; are also available via " | |||
"<literal>Acquire::https</literal> and will default to the same values " | |||
"specified for <literal>Acquire::http</literal>. This manpage will only " | |||
"document the options <emphasis>unique to https</emphasis>." | |||
@@ -7212,12 +7210,12 @@ msgid "" | |||
"configured with the <literal>Acquire::https::CAInfo</literal> option and its " | |||
"host-specific option " | |||
"<literal>Acquire::https::CAInfo::<replaceable>host</replaceable></literal>. " | |||
"The option specifies a file is made of the concatenation of the CA " | |||
"certificates (in PEM format) creating the chain used for the verification of " | |||
"the path from the root (self signed one). If the remote server provides the " | |||
"whole chain during the exchange, the file need only contain the root " | |||
"certificate. Otherwise, the whole chain is required. If you need to support " | |||
"multiple authorities, the only way is to concatenate everything." | |||
"The CAInfo option specifies a file made up of CA certificates (in PEM " | |||
"format) concatenated together to create the chain which APT should use to " | |||
"verify the path from your self-signed root certificate. If the remote server " | |||
"provides the whole chain during the exchange, the file need only contain the " | |||
"root certificate. Otherwise, the whole chain is required. If you need to " | |||
"support multiple authorities, the only way is to concatenate everything." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -7225,9 +7223,8 @@ msgstr "" | |||
msgid "" | |||
"A custom certificate revocation list (CRL) can be configured with the " | |||
"options <literal>Acquire::https::CRLFile</literal> and " | |||
"<literal>Acquire::https::CRLFile::<replaceable>host</replaceable></literal> " | |||
"respectively. Like the previous option a file in PEM format needs to be " | |||
"specified." | |||
"<literal>Acquire::https::CRLFile::<replaceable>host</replaceable></literal>. " | |||
"As with the previous option, a file in PEM format needs to be specified." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -7238,15 +7235,15 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"When authenticating the server, if the certificate verification fails for " | |||
"some reason (expired, revoked, man in the middle, …), the connection fails. " | |||
"During server authentication, if certificate verification fails for some " | |||
"reason (expired, revoked, man in the middle, etc.), the connection fails. " | |||
"This is obviously what you want in all cases and what the default value " | |||
"(true) of the option <literal>Acquire::https::Verify-Peer</literal> and its " | |||
"host-specific variant provides. If you know <emphasis>exactly</emphasis> " | |||
"what you are doing, setting this option to \"false\" allows you to skip peer " | |||
"certificate verification and make the exchange succeed. Again, this option " | |||
"is for debugging or testing purpose only as it removes all security provided " | |||
"by the use of HTTPS." | |||
"what you are doing, setting this option to \"<literal>false</literal>\" " | |||
"allows you to skip peer certificate verification and make the exchange " | |||
"succeed. Again, this option is for debugging or testing purposes only as it " | |||
"removes all security provided by the use of HTTPS." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -7259,8 +7256,9 @@ msgid "" | |||
"2818, the name of the mirror is checked against the identity found in the " | |||
"certificate. This default behavior is safe and should not be changed, but if " | |||
"you know that the server you are using has a DNS name which does not match " | |||
"the identity in its certificate, you can set the option to \"false\", which " | |||
"will prevent the comparison to be done." | |||
"the identity in its certificate, you can set the option to " | |||
"\"<literal>false</literal>\", which will prevent the comparison from being " | |||
"performed." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -7271,10 +7269,10 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"Beside the password based authentication available (see &apt-authconf;) " | |||
"HTTPS supports authentication based on client certificates as well via " | |||
"Besides supporting password-based authentication (see &apt-authconf;) HTTPS " | |||
"also supports authentication based on client certificates via " | |||
"<literal>Acquire::https::SSLCert</literal> and " | |||
"<literal>Acquire::https::SSLKey</literal>. They respectively should be set " | |||
"<literal>Acquire::https::SSLKey</literal>. These should be set respectively " | |||
"to the filename of the X.509 client certificate and the associated " | |||
"(unencrypted) private key, both in PEM format. In practice the use of the " | |||
"host-specific variants of both options is highly recommended." | |||
@@ -7322,26 +7320,27 @@ msgstr "" | |||
msgid "" | |||
"This APT transport isn't implementing a protocol to access local or remote " | |||
"repositories on its own, but acquires a mirrorlist and redirects all " | |||
"requests to the mirror(s) picked from this list access via other transports " | |||
"like &apt-transport-http;. The basic functionality is available since apt " | |||
"0.7.24, but was undocumented until apt 1.6 which contained a complete rework " | |||
"of the transport and its supported features. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
"requests to the mirror(s) picked from this list, accessing them via other " | |||
"transports like &apt-transport-http;. The basic functionality has been " | |||
"available since apt 0.7.24, but was undocumented until apt 1.6 which " | |||
"contained a complete rework of the transport and its supported " | |||
"features. Note that a transport is never called directly by a user but used " | |||
"by APT tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If the acquisition of a file via a mirror fails the method ensures that " | |||
"automatically another possible mirror of the list is tried until either the " | |||
"file is retrieved or no mirror is left in the list handling transparently " | |||
"server downtimes and similar problems." | |||
"If the acquisition of a file via a mirror fails, the method ensures that " | |||
"another possible mirror from the list is automatically tried until either " | |||
"the file is retrieved or no mirror is left in the list, transparently " | |||
"handling server downtimes and similar problems." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The security implications of the transport are based on the security " | |||
"The security implications of the transport depend on the security " | |||
"considerations associated with the transport used to acquire the mirrorlist " | |||
"and the transports involved in accessing the chosen mirror(s) by the " | |||
"transport." | |||
@@ -7351,7 +7350,7 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"This transport has no configuration options at present. The mirror selection " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files apt " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files APT " | |||
"needs to acquire." | |||
msgstr "" | |||
@@ -7363,30 +7362,31 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"A mirrorlist contains at least one line each specifying an URI for a " | |||
"mirror. Empty lines and those starting with a hash key " | |||
"(<literal>#</literal>) are ignored. An URI always starts with a URI scheme " | |||
"which defines the transport used for this mirror. If the URI e.g. starts " | |||
"with <literal>http:</literal> the responsible transport is " | |||
"&apt-transport-http; which might have specific requirements for the format " | |||
"of the remaining part of the URI." | |||
"A mirrorlist contains one or more lines each specifying a URI for a mirror. " | |||
"Empty lines and those starting with a hash character (<literal>#</literal>) " | |||
"are ignored. A URI always starts with a URI scheme which defines the " | |||
"transport used for this mirror. If for example the URI starts with " | |||
"<literal>http:</literal>, the responsible transport is &apt-transport-http; " | |||
"which might have specific requirements for the format of the remaining part " | |||
"of the URI." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"An URI can optionally be separated from metadata about the mirror by a tab. " | |||
"Multiple datapoints in the provided metadata can itself be separated by " | |||
"spaces for tabs. (This is an advanced feature only available with apt >= " | |||
"1.6. Earlier apt versions will fail to parse mirrorlists using this feature)" | |||
"Metadata about a mirror can be given on the same line, separated from the " | |||
"URI by a tab. Multiple items of metadata can themselves be separated by " | |||
"either tabs or spaces. (This is an advanced feature only available with apt " | |||
">= 1.6. Earlier apt versions will fail to parse mirrorlists using this " | |||
"feature.)" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"Since apt 1.6 the usage of compressed mirrorlists is also supported. Note " | |||
"Since apt 1.6 the use of compressed mirrorlists is also supported. Note " | |||
"that the filename of the mirrorlist must specify the compression algorithm " | |||
"used, there is no auto-detection based on file content performed." | |||
"used; there is no auto-detection based on file contents." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -7397,14 +7397,14 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"As specified in the format a mirror can have additional metadata attached to " | |||
"prevent a mirror from being selected for acquiring a file not matching this " | |||
"metadata. This way the mirrorlist can e.g. contain partial mirrors serving " | |||
"only certain architectures and apt will automatically choose a different " | |||
"mirror for files requiring an unlisted architecture. Supported are limits " | |||
"for the architecture (<literal>arch</literal>), codename of the release " | |||
"(<literal>codename</literal>), component of the repository the file is in " | |||
"(<literal>component</literal>), language the file applies to " | |||
"As specified in the format, a mirror can have additional metadata attached " | |||
"to prevent a mirror from being selected for acquiring a file not matching " | |||
"this metadata. This way the mirrorlist can e.g. contain partial mirrors " | |||
"serving only certain architectures and APT will automatically choose a " | |||
"different mirror for files requiring an unlisted architecture. Supported are " | |||
"limits for the architecture (<literal>arch</literal>), codename of the " | |||
"release (<literal>codename</literal>), component of the repository the file " | |||
"is in (<literal>component</literal>), language the file applies to " | |||
"(<literal>lang</literal>), suite name of the release " | |||
"(<literal>suite</literal>) and type of the file (<literal>type</literal>)." | |||
msgstr "" | |||
@@ -7417,13 +7417,13 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If no priority is given via the metadata key <literal>priority</literal> for " | |||
"a mirror the order in which mirrors are contacted is random. If a certain " | |||
"set of mirrors should be tried first before any of another set is tried a " | |||
"priority can be explicitly set. The mirrors with the lowest number are tried " | |||
"first. Mirrors which have no explicit priority set default to the highest " | |||
"possible number and are therefore tried last. The choice between mirrors " | |||
"with the same priority is again random." | |||
"If no priority is given for a mirror via the metadata key " | |||
"<literal>priority</literal>, the order in which mirrors are contacted is " | |||
"random. If a certain set of mirrors should be tried first before any of " | |||
"another set is tried, a priority can be explicitly set. The mirrors with the " | |||
"lowest number are tried first. Mirrors which have no explicit priority set " | |||
"default to the highest possible number and are therefore tried last. The " | |||
"choice between mirrors with the same priority is again random." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -7435,9 +7435,9 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The availability and choice of transports in a mirrorlist is limited by how " | |||
"the apt client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used the mirrorlist " | |||
"can also include local sources while a mirrorlist accessed via " | |||
"the APT client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used, the mirrorlist " | |||
"can also include local sources, while a mirrorlist accessed via " | |||
"<literal>http</literal> can not. Additionally, a mirrorlist can not contain " | |||
"a mirrorlist or other wrapping transports (like " | |||
"<package>apt-transport-tor</package>). See the documentation of these " | |||
@@ -7489,10 +7489,10 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"All versions of the mirror method support a mirrorlist accessible via http, " | |||
"All versions of the mirror method support a mirrorlist accessible via HTTP, " | |||
"so assuming it is available at " | |||
"<literal>http://apt.example.org/mirror.lst</literal> the sources.list entry " | |||
"from above could be written instead as:" | |||
"from above could instead be written as:" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><literallayout> | |||
@@ -7519,10 +7519,10 @@ msgstr "" | |||
msgid "" | |||
"As explained in the format definition apt versions before 1.6 do not support " | |||
"this and will fail parsing the mirrorlist. The example mirrorlist is " | |||
"proposefully complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is local mirror accessible via " | |||
"the file method, but potentially incomplete. The second mirror has a great " | |||
"connection, but is a partial mirror in sofar as it only contains files " | |||
"intentionally complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is a local mirror accessible " | |||
"via the file method, but potentially incomplete. The second mirror has a " | |||
"great connection, but is a partial mirror insofar as it only contains files " | |||
"related to the architectures <literal>amd64</literal> and " | |||
"<literal>all</literal>. The remaining mirrors are average mirrors which " | |||
"should be contacted only if the earlier ones didn't work." | |||
@@ -7545,12 +7545,12 @@ msgstr "" | |||
msgid "" | |||
"In this setup with this mirrorlist the first mirror will be used to download " | |||
"all index files assuming the mirrorlist itself is accessed via a local " | |||
"transport like <literal>file</literal>. If it isn't, the mirror is otherwise " | |||
"inaccessible or does not contain the requested file another mirror will be " | |||
"used to acquire the file, which one depending on the type of the file: An " | |||
"index file will be served by the last mirror in the list, while a package of " | |||
"architecture <literal>amd64</literal> is served by the second and those of " | |||
"e.g. architecture <literal>i386</literal> by one of the last three." | |||
"transport like <literal>file</literal>. If it isn't, if the mirror is " | |||
"otherwise inaccessible or if it does not contain the requested file another " | |||
"mirror will be used to acquire the file, chosen depending on the type of the " | |||
"file: An index file will be served by the last mirror in the list, while a " | |||
"package of architecture <literal>amd64</literal> is served by the second and " | |||
"those of e.g. architecture <literal>i386</literal> by one of the last three." | |||
msgstr "" | |||
#. type: Attribute 'lang' of: <book> | |||
@@ -7,7 +7,7 @@ msgid "" | |||
msgstr "" | |||
"Project-Id-Version: apt-doc 1.3\n" | |||
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" | |||
"POT-Creation-Date: 2018-01-03 22:34+0000\n" | |||
"POT-Creation-Date: 2018-01-17 19:04+0100\n" | |||
"PO-Revision-Date: 2016-11-15 21:51+0200\n" | |||
"Last-Translator: Chris Leick <c.leick@vollbio.de>\n" | |||
"Language-Team: German <debian-l10n-german@lists.debian.org>\n" | |||
@@ -9899,20 +9899,20 @@ msgstr "" | |||
msgid "" | |||
"HTTP is an unencrypted transport protocol meaning that the whole " | |||
"communication with the remote server (or proxy) can be observed by a " | |||
"sufficiently capable attacker referred to commonly as man in the middle " | |||
"(MITM). Such an attacker can <emphasis>not</emphasis> modify the " | |||
"communication to compromise the security of your system through as APTs data " | |||
"sufficiently capable attacker commonly referred to as a \"man in the middle" | |||
"\" (MITM). However, such an attacker can <emphasis>not</emphasis> modify " | |||
"the communication to compromise the security of your system, as APT's data " | |||
"security model is independent of the chosen transport method. This is " | |||
"explained in detail in &apt-secure;. An overview over available transport " | |||
"explained in detail in &apt-secure;. An overview of available transport " | |||
"methods is given in &sources-list;." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"Various options are available to modify its behaviour which can be set in an " | |||
"&apt-conf; file ranging from proxy configuration to workaround for specific " | |||
"server insufficiencies." | |||
"Various options can be set in an &apt-conf; file to modify its behavior, " | |||
"ranging from proxy configuration to workarounds for specific server " | |||
"limitations." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -9926,17 +9926,17 @@ msgstr "Benutzerkonfiguration" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"The environment variable <envar>http_proxy</envar> is supported for system " | |||
"wide configuration. Proxies specific to apt can be configured via the " | |||
"wide configuration. Proxies specific to APT can be configured via the " | |||
"option <literal>Acquire::http::Proxy</literal>. Proxies which should be " | |||
"used only for certain hosts can be specified via <literal>Acquire::http::" | |||
"Proxy::<replaceable>host</replaceable></literal>. Even more finegrained " | |||
"control can be achieved via proxy autodetection detailed further below. All " | |||
"these options use the URI format <literal><replaceable>scheme</" | |||
"control can be achieved via proxy autodetection, detailed further below. " | |||
"All these options use the URI format <literal><replaceable>scheme</" | |||
"replaceable>://[[<replaceable>user</replaceable>][:<replaceable>pass</" | |||
"replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</" | |||
"replaceable>]/</literal>. Supported URI schemes are <literal>socks5h</" | |||
"literal> (SOCKS5 with remote DNS resolution), <literal>http</literal> and " | |||
"<literal>https</literal>. Authentification details can be supplied via &apt-" | |||
"<literal>https</literal>. Authentication details can be supplied via &apt-" | |||
"authconf; instead of including it in the URI directly." | |||
msgstr "" | |||
@@ -9945,8 +9945,8 @@ msgstr "" | |||
msgid "" | |||
"The various APT configuration options support the special value " | |||
"<literal>DIRECT</literal> meaning that no proxy should be used. The " | |||
"environment variable <envar>no_proxy</envar> with the same propose is also " | |||
"supported." | |||
"environment variable <envar>no_proxy</envar> is also supported for the same " | |||
"purpose." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -9961,7 +9961,7 @@ msgstr "" | |||
#| "store the requested archive files in its cache, which can be used to " | |||
#| "prevent the proxy from polluting its cache with (big) .deb files." | |||
msgid "" | |||
"Further more there are three settings provided for cache control with " | |||
"Furthermore, there are three settings provided for cache control with " | |||
"HTTP/1.1 compliant proxy caches: <literal>Acquire::http::No-Cache</literal> " | |||
"tells the proxy not to use its cached response under any circumstances. " | |||
"<literal>Acquire::http::Max-Age</literal> sets the allowed maximum age (in " | |||
@@ -10006,8 +10006,8 @@ msgstr "Benutzerkonfiguration" | |||
#| "<literal>ProxyAutoDetect</literal>." | |||
msgid "" | |||
"<literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to specify " | |||
"an external command to discover the http proxy to use. The first and only " | |||
"parameter is an URI denoting the host to be contacted to allow for host-" | |||
"an external command to discover the HTTP proxy to use. The first and only " | |||
"parameter is a URI denoting the host to be contacted, to allow for host-" | |||
"specific configuration. APT expects the command to output the proxy on " | |||
"stdout as a single line in the previously specified URI format or the word " | |||
"<literal>DIRECT</literal> if no proxy should be used. No output indicates " | |||
@@ -10098,14 +10098,23 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-http.1.xml | |||
#, fuzzy | |||
#| msgid "" | |||
#| "The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used " | |||
#| "to enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be " | |||
#| "beneficial e.g. on high-latency connections. It specifies how many " | |||
#| "requests are sent in a pipeline. APT tries to detect and workaround " | |||
#| "misbehaving webservers and proxies at runtime, but if you know that yours " | |||
#| "does not conform to the HTTP/1.1 specification pipelining can be disabled " | |||
#| "by setting the value to 0. It is enabled by default with the value 10." | |||
msgid "" | |||
"The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used to " | |||
"enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be beneficial e." | |||
"g. on high-latency connections. It specifies how many requests are sent in a " | |||
"pipeline. APT tries to detect and workaround misbehaving webservers and " | |||
"pipeline. APT tries to detect and work around misbehaving webservers and " | |||
"proxies at runtime, but if you know that yours does not conform to the " | |||
"HTTP/1.1 specification pipelining can be disabled by setting the value to 0. " | |||
"It is enabled by default with the value 10." | |||
"HTTP/1.1 specification, pipelining can be disabled by setting the value to " | |||
"0. It is enabled by default with the value 10." | |||
msgstr "" | |||
"Die Einstellung <literal>Acquire::http::Pipeline-Depth</literal> kann " | |||
"verwandt werden, um HTTP-Weiterleitung zu aktivieren (RFC 2616 Abschnitt " | |||
@@ -10142,7 +10151,7 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::SendAccept</literal> is enabled by default and sends " | |||
"a <literal>Accept: text/*</literal> header field to the server for requests " | |||
"an <literal>Accept: text/*</literal> header field to the server for requests " | |||
"without file extensions to prevent the server from attempting content " | |||
"negotiation." | |||
msgstr "" | |||
@@ -10183,18 +10192,18 @@ msgstr "" | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"This APT transport allows the use of repositories accessed via the HTTP " | |||
"Secure protocol (HTTPS) also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was before that available in a <package>apt-" | |||
"transport-https</package> package. Note that a transport is never called " | |||
"directly by a user but used by APT tools based on user configuration." | |||
"Secure protocol (HTTPS), also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was available before that in the package " | |||
"<package>apt-transport-https</package>. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"HTTP is by itself an unencrypted transport protocol (compare &apt-transport-" | |||
"http;), which, as indicated by the appended S is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) which provides end-to-end " | |||
"http;), which, as indicated by the appended S, is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) to provide end-to-end " | |||
"encryption. A sufficiently capable attacker can still observe the " | |||
"communication partners and deeper analyse of the encrypted communcation " | |||
"might still reveal important details. An overview over available " | |||
@@ -10204,9 +10213,8 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"The HTTPS protocol is based on the HTTP protocol and as such this " | |||
"implementation has the same relation meaning that all options supported by " | |||
"&apt-transport-http; are also available via <literal>Acquire::https</" | |||
"The HTTPS protocol is based on the HTTP protocol, so all options supported " | |||
"by &apt-transport-http; are also available via <literal>Acquire::https</" | |||
"literal> and will default to the same values specified for <literal>Acquire::" | |||
"http</literal>. This manpage will only document the options <emphasis>unique " | |||
"to https</emphasis>." | |||
@@ -10225,13 +10233,13 @@ msgid "" | |||
"certificate. An alternative certificate authority (CA) can be configured " | |||
"with the <literal>Acquire::https::CAInfo</literal> option and its host-" | |||
"specific option <literal>Acquire::https::CAInfo::<replaceable>host</" | |||
"replaceable></literal>. The option specifies a file is made of the " | |||
"concatenation of the CA certificates (in PEM format) creating the chain used " | |||
"for the verification of the path from the root (self signed one). If the " | |||
"remote server provides the whole chain during the exchange, the file need " | |||
"only contain the root certificate. Otherwise, the whole chain is required. " | |||
"If you need to support multiple authorities, the only way is to concatenate " | |||
"everything." | |||
"replaceable></literal>. The CAInfo option specifies a file made up of CA " | |||
"certificates (in PEM format) concatenated together to create the chain " | |||
"which APT should use to verify the path from your self-signed root " | |||
"certificate. If the remote server provides the whole chain during the " | |||
"exchange, the file need only contain the root certificate. Otherwise, the " | |||
"whole chain is required. If you need to support multiple authorities, the " | |||
"only way is to concatenate everything." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10239,8 +10247,8 @@ msgstr "" | |||
msgid "" | |||
"A custom certificate revocation list (CRL) can be configured with the " | |||
"options <literal>Acquire::https::CRLFile</literal> and <literal>Acquire::" | |||
"https::CRLFile::<replaceable>host</replaceable></literal> respectively. " | |||
"Like the previous option a file in PEM format needs to be specified." | |||
"https::CRLFile::<replaceable>host</replaceable></literal>. As with the " | |||
"previous option, a file in PEM format needs to be specified." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10251,15 +10259,15 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"When authenticating the server, if the certificate verification fails for " | |||
"some reason (expired, revoked, man in the middle, …), the connection fails. " | |||
"During server authentication, if certificate verification fails for some " | |||
"reason (expired, revoked, man in the middle, etc.), the connection fails. " | |||
"This is obviously what you want in all cases and what the default value " | |||
"(true) of the option <literal>Acquire::https::Verify-Peer</literal> and its " | |||
"host-specific variant provides. If you know <emphasis>exactly</emphasis> " | |||
"what you are doing, setting this option to \"false\" allows you to skip peer " | |||
"certificate verification and make the exchange succeed. Again, this option " | |||
"is for debugging or testing purpose only as it removes all security provided " | |||
"by the use of HTTPS." | |||
"what you are doing, setting this option to \"<literal>false</literal>\" " | |||
"allows you to skip peer certificate verification and make the exchange " | |||
"succeed. Again, this option is for debugging or testing purposes only as it " | |||
"removes all security provided by the use of HTTPS." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10272,8 +10280,8 @@ msgid "" | |||
"2818, the name of the mirror is checked against the identity found in the " | |||
"certificate. This default behavior is safe and should not be changed, but if " | |||
"you know that the server you are using has a DNS name which does not match " | |||
"the identity in its certificate, you can set the option to \"false\", which " | |||
"will prevent the comparison to be done." | |||
"the identity in its certificate, you can set the option to \"<literal>false</" | |||
"literal>\", which will prevent the comparison from being performed." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10284,10 +10292,10 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"Beside the password based authentication available (see &apt-authconf;) " | |||
"HTTPS supports authentication based on client certificates as well via " | |||
"Besides supporting password-based authentication (see &apt-authconf;) HTTPS " | |||
"also supports authentication based on client certificates via " | |||
"<literal>Acquire::https::SSLCert</literal> and <literal>Acquire::https::" | |||
"SSLKey</literal>. They respectively should be set to the filename of the " | |||
"SSLKey</literal>. These should be set respectively to the filename of the " | |||
"X.509 client certificate and the associated (unencrypted) private key, both " | |||
"in PEM format. In practice the use of the host-specific variants of both " | |||
"options is highly recommended." | |||
@@ -10337,26 +10345,27 @@ msgstr "" | |||
msgid "" | |||
"This APT transport isn't implementing a protocol to access local or remote " | |||
"repositories on its own, but acquires a mirrorlist and redirects all " | |||
"requests to the mirror(s) picked from this list access via other transports " | |||
"like &apt-transport-http;. The basic functionality is available since apt " | |||
"0.7.24, but was undocumented until apt 1.6 which contained a complete rework " | |||
"of the transport and its supported features. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
"requests to the mirror(s) picked from this list, accessing them via other " | |||
"transports like &apt-transport-http;. The basic functionality has been " | |||
"available since apt 0.7.24, but was undocumented until apt 1.6 which " | |||
"contained a complete rework of the transport and its supported features. " | |||
"Note that a transport is never called directly by a user but used by APT " | |||
"tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If the acquisition of a file via a mirror fails the method ensures that " | |||
"automatically another possible mirror of the list is tried until either the " | |||
"file is retrieved or no mirror is left in the list handling transparently " | |||
"server downtimes and similar problems." | |||
"If the acquisition of a file via a mirror fails, the method ensures that " | |||
"another possible mirror from the list is automatically tried until either " | |||
"the file is retrieved or no mirror is left in the list, transparently " | |||
"handling server downtimes and similar problems." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The security implications of the transport are based on the security " | |||
"The security implications of the transport depend on the security " | |||
"considerations associated with the transport used to acquire the mirrorlist " | |||
"and the transports involved in accessing the chosen mirror(s) by the " | |||
"transport." | |||
@@ -10366,7 +10375,7 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"This transport has no configuration options at present. The mirror selection " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files apt " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files APT " | |||
"needs to acquire." | |||
msgstr "" | |||
@@ -10378,11 +10387,11 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"A mirrorlist contains at least one line each specifying an URI for a " | |||
"mirror. Empty lines and those starting with a hash key (<literal>#</" | |||
"literal>) are ignored. An URI always starts with a URI scheme which defines " | |||
"the transport used for this mirror. If the URI e.g. starts with " | |||
"<literal>http:</literal> the responsible transport is &apt-transport-http; " | |||
"A mirrorlist contains one or more lines each specifying a URI for a mirror. " | |||
"Empty lines and those starting with a hash character (<literal>#</literal>) " | |||
"are ignored. A URI always starts with a URI scheme which defines the " | |||
"transport used for this mirror. If for example the URI starts with " | |||
"<literal>http:</literal>, the responsible transport is &apt-transport-http; " | |||
"which might have specific requirements for the format of the remaining part " | |||
"of the URI." | |||
msgstr "" | |||
@@ -10390,18 +10399,19 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"An URI can optionally be separated from metadata about the mirror by a tab. " | |||
"Multiple datapoints in the provided metadata can itself be separated by " | |||
"spaces for tabs. (This is an advanced feature only available with apt >= " | |||
"1.6. Earlier apt versions will fail to parse mirrorlists using this feature)" | |||
"Metadata about a mirror can be given on the same line, separated from the " | |||
"URI by a tab. Multiple items of metadata can themselves be separated by " | |||
"either tabs or spaces. (This is an advanced feature only available with apt " | |||
">= 1.6. Earlier apt versions will fail to parse mirrorlists using this " | |||
"feature.)" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"Since apt 1.6 the usage of compressed mirrorlists is also supported. Note " | |||
"Since apt 1.6 the use of compressed mirrorlists is also supported. Note " | |||
"that the filename of the mirrorlist must specify the compression algorithm " | |||
"used, there is no auto-detection based on file content performed." | |||
"used; there is no auto-detection based on file contents." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10412,16 +10422,16 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"As specified in the format a mirror can have additional metadata attached to " | |||
"prevent a mirror from being selected for acquiring a file not matching this " | |||
"metadata. This way the mirrorlist can e.g. contain partial mirrors serving " | |||
"only certain architectures and apt will automatically choose a different " | |||
"mirror for files requiring an unlisted architecture. Supported are limits " | |||
"for the architecture (<literal>arch</literal>), codename of the release " | |||
"(<literal>codename</literal>), component of the repository the file is in " | |||
"(<literal>component</literal>), language the file applies to (<literal>lang</" | |||
"literal>), suite name of the release (<literal>suite</literal>) and type of " | |||
"the file (<literal>type</literal>)." | |||
"As specified in the format, a mirror can have additional metadata attached " | |||
"to prevent a mirror from being selected for acquiring a file not matching " | |||
"this metadata. This way the mirrorlist can e.g. contain partial mirrors " | |||
"serving only certain architectures and APT will automatically choose a " | |||
"different mirror for files requiring an unlisted architecture. Supported are " | |||
"limits for the architecture (<literal>arch</literal>), codename of the " | |||
"release (<literal>codename</literal>), component of the repository the file " | |||
"is in (<literal>component</literal>), language the file applies to " | |||
"(<literal>lang</literal>), suite name of the release (<literal>suite</" | |||
"literal>) and type of the file (<literal>type</literal>)." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10432,9 +10442,9 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If no priority is given via the metadata key <literal>priority</literal> for " | |||
"a mirror the order in which mirrors are contacted is random. If a certain " | |||
"set of mirrors should be tried first before any of another set is tried a " | |||
"If no priority is given for a mirror via the metadata key <literal>priority</" | |||
"literal>, the order in which mirrors are contacted is random. If a certain " | |||
"set of mirrors should be tried first before any of another set is tried, a " | |||
"priority can be explicitly set. The mirrors with the lowest number are tried " | |||
"first. Mirrors which have no explicit priority set default to the highest " | |||
"possible number and are therefore tried last. The choice between mirrors " | |||
@@ -10450,9 +10460,9 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The availability and choice of transports in a mirrorlist is limited by how " | |||
"the apt client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used the mirrorlist " | |||
"can also include local sources while a mirrorlist accessed via " | |||
"the APT client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used, the mirrorlist " | |||
"can also include local sources, while a mirrorlist accessed via " | |||
"<literal>http</literal> can not. Additionally, a mirrorlist can not contain " | |||
"a mirrorlist or other wrapping transports (like <package>apt-transport-tor</" | |||
"package>). See the documentation of these transports on how to use them " | |||
@@ -10504,9 +10514,9 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"All versions of the mirror method support a mirrorlist accessible via http, " | |||
"All versions of the mirror method support a mirrorlist accessible via HTTP, " | |||
"so assuming it is available at <literal>http://apt.example.org/mirror.lst</" | |||
"literal> the sources.list entry from above could be written instead as:" | |||
"literal> the sources.list entry from above could instead be written as:" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><literallayout> | |||
@@ -10534,10 +10544,10 @@ msgstr "" | |||
msgid "" | |||
"As explained in the format definition apt versions before 1.6 do not support " | |||
"this and will fail parsing the mirrorlist. The example mirrorlist is " | |||
"proposefully complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is local mirror accessible via " | |||
"the file method, but potentially incomplete. The second mirror has a great " | |||
"connection, but is a partial mirror in sofar as it only contains files " | |||
"intentionally complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is a local mirror accessible " | |||
"via the file method, but potentially incomplete. The second mirror has a " | |||
"great connection, but is a partial mirror insofar as it only contains files " | |||
"related to the architectures <literal>amd64</literal> and <literal>all</" | |||
"literal>. The remaining mirrors are average mirrors which should be " | |||
"contacted only if the earlier ones didn't work." | |||
@@ -10559,12 +10569,12 @@ msgstr "" | |||
msgid "" | |||
"In this setup with this mirrorlist the first mirror will be used to download " | |||
"all index files assuming the mirrorlist itself is accessed via a local " | |||
"transport like <literal>file</literal>. If it isn't, the mirror is otherwise " | |||
"inaccessible or does not contain the requested file another mirror will be " | |||
"used to acquire the file, which one depending on the type of the file: An " | |||
"index file will be served by the last mirror in the list, while a package of " | |||
"architecture <literal>amd64</literal> is served by the second and those of e." | |||
"g. architecture <literal>i386</literal> by one of the last three." | |||
"transport like <literal>file</literal>. If it isn't, if the mirror is " | |||
"otherwise inaccessible or if it does not contain the requested file another " | |||
"mirror will be used to acquire the file, chosen depending on the type of the " | |||
"file: An index file will be served by the last mirror in the list, while a " | |||
"package of architecture <literal>amd64</literal> is served by the second and " | |||
"those of e.g. architecture <literal>i386</literal> by one of the last three." | |||
msgstr "" | |||
#. type: Attribute 'lang' of: <book> | |||
@@ -38,7 +38,7 @@ msgid "" | |||
msgstr "" | |||
"Project-Id-Version: apt-doc 1.0.5\n" | |||
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" | |||
"POT-Creation-Date: 2018-01-03 22:34+0000\n" | |||
"POT-Creation-Date: 2018-01-17 19:04+0100\n" | |||
"PO-Revision-Date: 2014-07-04 01:31+0200\n" | |||
"Last-Translator: Omar Campagne <ocampagne@gmail.com>\n" | |||
"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n" | |||
@@ -9741,20 +9741,20 @@ msgstr "" | |||
msgid "" | |||
"HTTP is an unencrypted transport protocol meaning that the whole " | |||
"communication with the remote server (or proxy) can be observed by a " | |||
"sufficiently capable attacker referred to commonly as man in the middle " | |||
"(MITM). Such an attacker can <emphasis>not</emphasis> modify the " | |||
"communication to compromise the security of your system through as APTs data " | |||
"sufficiently capable attacker commonly referred to as a \"man in the middle" | |||
"\" (MITM). However, such an attacker can <emphasis>not</emphasis> modify " | |||
"the communication to compromise the security of your system, as APT's data " | |||
"security model is independent of the chosen transport method. This is " | |||
"explained in detail in &apt-secure;. An overview over available transport " | |||
"explained in detail in &apt-secure;. An overview of available transport " | |||
"methods is given in &sources-list;." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"Various options are available to modify its behaviour which can be set in an " | |||
"&apt-conf; file ranging from proxy configuration to workaround for specific " | |||
"server insufficiencies." | |||
"Various options can be set in an &apt-conf; file to modify its behavior, " | |||
"ranging from proxy configuration to workarounds for specific server " | |||
"limitations." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -9768,17 +9768,17 @@ msgstr "Configuración de usuario" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"The environment variable <envar>http_proxy</envar> is supported for system " | |||
"wide configuration. Proxies specific to apt can be configured via the " | |||
"wide configuration. Proxies specific to APT can be configured via the " | |||
"option <literal>Acquire::http::Proxy</literal>. Proxies which should be " | |||
"used only for certain hosts can be specified via <literal>Acquire::http::" | |||
"Proxy::<replaceable>host</replaceable></literal>. Even more finegrained " | |||
"control can be achieved via proxy autodetection detailed further below. All " | |||
"these options use the URI format <literal><replaceable>scheme</" | |||
"control can be achieved via proxy autodetection, detailed further below. " | |||
"All these options use the URI format <literal><replaceable>scheme</" | |||
"replaceable>://[[<replaceable>user</replaceable>][:<replaceable>pass</" | |||
"replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</" | |||
"replaceable>]/</literal>. Supported URI schemes are <literal>socks5h</" | |||
"literal> (SOCKS5 with remote DNS resolution), <literal>http</literal> and " | |||
"<literal>https</literal>. Authentification details can be supplied via &apt-" | |||
"<literal>https</literal>. Authentication details can be supplied via &apt-" | |||
"authconf; instead of including it in the URI directly." | |||
msgstr "" | |||
@@ -9787,8 +9787,8 @@ msgstr "" | |||
msgid "" | |||
"The various APT configuration options support the special value " | |||
"<literal>DIRECT</literal> meaning that no proxy should be used. The " | |||
"environment variable <envar>no_proxy</envar> with the same propose is also " | |||
"supported." | |||
"environment variable <envar>no_proxy</envar> is also supported for the same " | |||
"purpose." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -9803,7 +9803,7 @@ msgstr "" | |||
#| "store the requested archive files in its cache, which can be used to " | |||
#| "prevent the proxy from polluting its cache with (big) .deb files." | |||
msgid "" | |||
"Further more there are three settings provided for cache control with " | |||
"Furthermore, there are three settings provided for cache control with " | |||
"HTTP/1.1 compliant proxy caches: <literal>Acquire::http::No-Cache</literal> " | |||
"tells the proxy not to use its cached response under any circumstances. " | |||
"<literal>Acquire::http::Max-Age</literal> sets the allowed maximum age (in " | |||
@@ -9831,8 +9831,8 @@ msgstr "Configuración de usuario" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to specify " | |||
"an external command to discover the http proxy to use. The first and only " | |||
"parameter is an URI denoting the host to be contacted to allow for host-" | |||
"an external command to discover the HTTP proxy to use. The first and only " | |||
"parameter is a URI denoting the host to be contacted, to allow for host-" | |||
"specific configuration. APT expects the command to output the proxy on " | |||
"stdout as a single line in the previously specified URI format or the word " | |||
"<literal>DIRECT</literal> if no proxy should be used. No output indicates " | |||
@@ -9920,10 +9920,10 @@ msgid "" | |||
"The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used to " | |||
"enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be beneficial e." | |||
"g. on high-latency connections. It specifies how many requests are sent in a " | |||
"pipeline. APT tries to detect and workaround misbehaving webservers and " | |||
"pipeline. APT tries to detect and work around misbehaving webservers and " | |||
"proxies at runtime, but if you know that yours does not conform to the " | |||
"HTTP/1.1 specification pipelining can be disabled by setting the value to 0. " | |||
"It is enabled by default with the value 10." | |||
"HTTP/1.1 specification, pipelining can be disabled by setting the value to " | |||
"0. It is enabled by default with the value 10." | |||
msgstr "" | |||
"La opción <literal>Acquire::http::Pipeline-Depth</literal> se puede utilizar " | |||
"para activar HTTP pipelining (RFC 2616 sección 8.1.2.2), que puede " | |||
@@ -9958,7 +9958,7 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::SendAccept</literal> is enabled by default and sends " | |||
"a <literal>Accept: text/*</literal> header field to the server for requests " | |||
"an <literal>Accept: text/*</literal> header field to the server for requests " | |||
"without file extensions to prevent the server from attempting content " | |||
"negotiation." | |||
msgstr "" | |||
@@ -9999,18 +9999,18 @@ msgstr "" | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"This APT transport allows the use of repositories accessed via the HTTP " | |||
"Secure protocol (HTTPS) also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was before that available in a <package>apt-" | |||
"transport-https</package> package. Note that a transport is never called " | |||
"directly by a user but used by APT tools based on user configuration." | |||
"Secure protocol (HTTPS), also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was available before that in the package " | |||
"<package>apt-transport-https</package>. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"HTTP is by itself an unencrypted transport protocol (compare &apt-transport-" | |||
"http;), which, as indicated by the appended S is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) which provides end-to-end " | |||
"http;), which, as indicated by the appended S, is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) to provide end-to-end " | |||
"encryption. A sufficiently capable attacker can still observe the " | |||
"communication partners and deeper analyse of the encrypted communcation " | |||
"might still reveal important details. An overview over available " | |||
@@ -10020,9 +10020,8 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"The HTTPS protocol is based on the HTTP protocol and as such this " | |||
"implementation has the same relation meaning that all options supported by " | |||
"&apt-transport-http; are also available via <literal>Acquire::https</" | |||
"The HTTPS protocol is based on the HTTP protocol, so all options supported " | |||
"by &apt-transport-http; are also available via <literal>Acquire::https</" | |||
"literal> and will default to the same values specified for <literal>Acquire::" | |||
"http</literal>. This manpage will only document the options <emphasis>unique " | |||
"to https</emphasis>." | |||
@@ -10041,13 +10040,13 @@ msgid "" | |||
"certificate. An alternative certificate authority (CA) can be configured " | |||
"with the <literal>Acquire::https::CAInfo</literal> option and its host-" | |||
"specific option <literal>Acquire::https::CAInfo::<replaceable>host</" | |||
"replaceable></literal>. The option specifies a file is made of the " | |||
"concatenation of the CA certificates (in PEM format) creating the chain used " | |||
"for the verification of the path from the root (self signed one). If the " | |||
"remote server provides the whole chain during the exchange, the file need " | |||
"only contain the root certificate. Otherwise, the whole chain is required. " | |||
"If you need to support multiple authorities, the only way is to concatenate " | |||
"everything." | |||
"replaceable></literal>. The CAInfo option specifies a file made up of CA " | |||
"certificates (in PEM format) concatenated together to create the chain " | |||
"which APT should use to verify the path from your self-signed root " | |||
"certificate. If the remote server provides the whole chain during the " | |||
"exchange, the file need only contain the root certificate. Otherwise, the " | |||
"whole chain is required. If you need to support multiple authorities, the " | |||
"only way is to concatenate everything." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10055,8 +10054,8 @@ msgstr "" | |||
msgid "" | |||
"A custom certificate revocation list (CRL) can be configured with the " | |||
"options <literal>Acquire::https::CRLFile</literal> and <literal>Acquire::" | |||
"https::CRLFile::<replaceable>host</replaceable></literal> respectively. " | |||
"Like the previous option a file in PEM format needs to be specified." | |||
"https::CRLFile::<replaceable>host</replaceable></literal>. As with the " | |||
"previous option, a file in PEM format needs to be specified." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10067,15 +10066,15 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"When authenticating the server, if the certificate verification fails for " | |||
"some reason (expired, revoked, man in the middle, …), the connection fails. " | |||
"During server authentication, if certificate verification fails for some " | |||
"reason (expired, revoked, man in the middle, etc.), the connection fails. " | |||
"This is obviously what you want in all cases and what the default value " | |||
"(true) of the option <literal>Acquire::https::Verify-Peer</literal> and its " | |||
"host-specific variant provides. If you know <emphasis>exactly</emphasis> " | |||
"what you are doing, setting this option to \"false\" allows you to skip peer " | |||
"certificate verification and make the exchange succeed. Again, this option " | |||
"is for debugging or testing purpose only as it removes all security provided " | |||
"by the use of HTTPS." | |||
"what you are doing, setting this option to \"<literal>false</literal>\" " | |||
"allows you to skip peer certificate verification and make the exchange " | |||
"succeed. Again, this option is for debugging or testing purposes only as it " | |||
"removes all security provided by the use of HTTPS." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10088,8 +10087,8 @@ msgid "" | |||
"2818, the name of the mirror is checked against the identity found in the " | |||
"certificate. This default behavior is safe and should not be changed, but if " | |||
"you know that the server you are using has a DNS name which does not match " | |||
"the identity in its certificate, you can set the option to \"false\", which " | |||
"will prevent the comparison to be done." | |||
"the identity in its certificate, you can set the option to \"<literal>false</" | |||
"literal>\", which will prevent the comparison from being performed." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10100,10 +10099,10 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"Beside the password based authentication available (see &apt-authconf;) " | |||
"HTTPS supports authentication based on client certificates as well via " | |||
"Besides supporting password-based authentication (see &apt-authconf;) HTTPS " | |||
"also supports authentication based on client certificates via " | |||
"<literal>Acquire::https::SSLCert</literal> and <literal>Acquire::https::" | |||
"SSLKey</literal>. They respectively should be set to the filename of the " | |||
"SSLKey</literal>. These should be set respectively to the filename of the " | |||
"X.509 client certificate and the associated (unencrypted) private key, both " | |||
"in PEM format. In practice the use of the host-specific variants of both " | |||
"options is highly recommended." | |||
@@ -10153,26 +10152,27 @@ msgstr "" | |||
msgid "" | |||
"This APT transport isn't implementing a protocol to access local or remote " | |||
"repositories on its own, but acquires a mirrorlist and redirects all " | |||
"requests to the mirror(s) picked from this list access via other transports " | |||
"like &apt-transport-http;. The basic functionality is available since apt " | |||
"0.7.24, but was undocumented until apt 1.6 which contained a complete rework " | |||
"of the transport and its supported features. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
"requests to the mirror(s) picked from this list, accessing them via other " | |||
"transports like &apt-transport-http;. The basic functionality has been " | |||
"available since apt 0.7.24, but was undocumented until apt 1.6 which " | |||
"contained a complete rework of the transport and its supported features. " | |||
"Note that a transport is never called directly by a user but used by APT " | |||
"tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If the acquisition of a file via a mirror fails the method ensures that " | |||
"automatically another possible mirror of the list is tried until either the " | |||
"file is retrieved or no mirror is left in the list handling transparently " | |||
"server downtimes and similar problems." | |||
"If the acquisition of a file via a mirror fails, the method ensures that " | |||
"another possible mirror from the list is automatically tried until either " | |||
"the file is retrieved or no mirror is left in the list, transparently " | |||
"handling server downtimes and similar problems." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The security implications of the transport are based on the security " | |||
"The security implications of the transport depend on the security " | |||
"considerations associated with the transport used to acquire the mirrorlist " | |||
"and the transports involved in accessing the chosen mirror(s) by the " | |||
"transport." | |||
@@ -10182,7 +10182,7 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"This transport has no configuration options at present. The mirror selection " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files apt " | |||
"is based entirely on the mirrors offered in the mirrorlist and the files APT " | |||
"needs to acquire." | |||
msgstr "" | |||
@@ -10194,11 +10194,11 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"A mirrorlist contains at least one line each specifying an URI for a " | |||
"mirror. Empty lines and those starting with a hash key (<literal>#</" | |||
"literal>) are ignored. An URI always starts with a URI scheme which defines " | |||
"the transport used for this mirror. If the URI e.g. starts with " | |||
"<literal>http:</literal> the responsible transport is &apt-transport-http; " | |||
"A mirrorlist contains one or more lines each specifying a URI for a mirror. " | |||
"Empty lines and those starting with a hash character (<literal>#</literal>) " | |||
"are ignored. A URI always starts with a URI scheme which defines the " | |||
"transport used for this mirror. If for example the URI starts with " | |||
"<literal>http:</literal>, the responsible transport is &apt-transport-http; " | |||
"which might have specific requirements for the format of the remaining part " | |||
"of the URI." | |||
msgstr "" | |||
@@ -10206,18 +10206,19 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"An URI can optionally be separated from metadata about the mirror by a tab. " | |||
"Multiple datapoints in the provided metadata can itself be separated by " | |||
"spaces for tabs. (This is an advanced feature only available with apt >= " | |||
"1.6. Earlier apt versions will fail to parse mirrorlists using this feature)" | |||
"Metadata about a mirror can be given on the same line, separated from the " | |||
"URI by a tab. Multiple items of metadata can themselves be separated by " | |||
"either tabs or spaces. (This is an advanced feature only available with apt " | |||
">= 1.6. Earlier apt versions will fail to parse mirrorlists using this " | |||
"feature.)" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"Since apt 1.6 the usage of compressed mirrorlists is also supported. Note " | |||
"Since apt 1.6 the use of compressed mirrorlists is also supported. Note " | |||
"that the filename of the mirrorlist must specify the compression algorithm " | |||
"used, there is no auto-detection based on file content performed." | |||
"used; there is no auto-detection based on file contents." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10228,16 +10229,16 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"As specified in the format a mirror can have additional metadata attached to " | |||
"prevent a mirror from being selected for acquiring a file not matching this " | |||
"metadata. This way the mirrorlist can e.g. contain partial mirrors serving " | |||
"only certain architectures and apt will automatically choose a different " | |||
"mirror for files requiring an unlisted architecture. Supported are limits " | |||
"for the architecture (<literal>arch</literal>), codename of the release " | |||
"(<literal>codename</literal>), component of the repository the file is in " | |||
"(<literal>component</literal>), language the file applies to (<literal>lang</" | |||
"literal>), suite name of the release (<literal>suite</literal>) and type of " | |||
"the file (<literal>type</literal>)." | |||
"As specified in the format, a mirror can have additional metadata attached " | |||
"to prevent a mirror from being selected for acquiring a file not matching " | |||
"this metadata. This way the mirrorlist can e.g. contain partial mirrors " | |||
"serving only certain architectures and APT will automatically choose a " | |||
"different mirror for files requiring an unlisted architecture. Supported are " | |||
"limits for the architecture (<literal>arch</literal>), codename of the " | |||
"release (<literal>codename</literal>), component of the repository the file " | |||
"is in (<literal>component</literal>), language the file applies to " | |||
"(<literal>lang</literal>), suite name of the release (<literal>suite</" | |||
"literal>) and type of the file (<literal>type</literal>)." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10248,9 +10249,9 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"If no priority is given via the metadata key <literal>priority</literal> for " | |||
"a mirror the order in which mirrors are contacted is random. If a certain " | |||
"set of mirrors should be tried first before any of another set is tried a " | |||
"If no priority is given for a mirror via the metadata key <literal>priority</" | |||
"literal>, the order in which mirrors are contacted is random. If a certain " | |||
"set of mirrors should be tried first before any of another set is tried, a " | |||
"priority can be explicitly set. The mirrors with the lowest number are tried " | |||
"first. Mirrors which have no explicit priority set default to the highest " | |||
"possible number and are therefore tried last. The choice between mirrors " | |||
@@ -10266,9 +10267,9 @@ msgstr "" | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"The availability and choice of transports in a mirrorlist is limited by how " | |||
"the apt client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used the mirrorlist " | |||
"can also include local sources while a mirrorlist accessed via " | |||
"the APT client is accessing the mirrorlist. If a local transport like " | |||
"<literal>file</literal> or <literal>copy</literal> is used, the mirrorlist " | |||
"can also include local sources, while a mirrorlist accessed via " | |||
"<literal>http</literal> can not. Additionally, a mirrorlist can not contain " | |||
"a mirrorlist or other wrapping transports (like <package>apt-transport-tor</" | |||
"package>). See the documentation of these transports on how to use them " | |||
@@ -10320,9 +10321,9 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-mirror.1.xml | |||
msgid "" | |||
"All versions of the mirror method support a mirrorlist accessible via http, " | |||
"All versions of the mirror method support a mirrorlist accessible via HTTP, " | |||
"so assuming it is available at <literal>http://apt.example.org/mirror.lst</" | |||
"literal> the sources.list entry from above could be written instead as:" | |||
"literal> the sources.list entry from above could instead be written as:" | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><literallayout> | |||
@@ -10350,10 +10351,10 @@ msgstr "" | |||
msgid "" | |||
"As explained in the format definition apt versions before 1.6 do not support " | |||
"this and will fail parsing the mirrorlist. The example mirrorlist is " | |||
"proposefully complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is local mirror accessible via " | |||
"the file method, but potentially incomplete. The second mirror has a great " | |||
"connection, but is a partial mirror in sofar as it only contains files " | |||
"intentionally complicated to show some aspects of the selection. The " | |||
"following setup is assumed: The first mirror is a local mirror accessible " | |||
"via the file method, but potentially incomplete. The second mirror has a " | |||
"great connection, but is a partial mirror insofar as it only contains files " | |||
"related to the architectures <literal>amd64</literal> and <literal>all</" | |||
"literal>. The remaining mirrors are average mirrors which should be " | |||
"contacted only if the earlier ones didn't work." | |||
@@ -10375,12 +10376,12 @@ msgstr "" | |||
msgid "" | |||
"In this setup with this mirrorlist the first mirror will be used to download " | |||
"all index files assuming the mirrorlist itself is accessed via a local " | |||
"transport like <literal>file</literal>. If it isn't, the mirror is otherwise " | |||
"inaccessible or does not contain the requested file another mirror will be " | |||
"used to acquire the file, which one depending on the type of the file: An " | |||
"index file will be served by the last mirror in the list, while a package of " | |||
"architecture <literal>amd64</literal> is served by the second and those of e." | |||
"g. architecture <literal>i386</literal> by one of the last three." | |||
"transport like <literal>file</literal>. If it isn't, if the mirror is " | |||
"otherwise inaccessible or if it does not contain the requested file another " | |||
"mirror will be used to acquire the file, chosen depending on the type of the " | |||
"file: An index file will be served by the last mirror in the list, while a " | |||
"package of architecture <literal>amd64</literal> is served by the second and " | |||
"those of e.g. architecture <literal>i386</literal> by one of the last three." | |||
msgstr "" | |||
#. type: Attribute 'lang' of: <book> | |||
@@ -12,7 +12,7 @@ msgid "" | |||
msgstr "" | |||
"Project-Id-Version: apt-doc 1.0.5\n" | |||
"Report-Msgid-Bugs-To: APT Development Team <deity@lists.debian.org>\n" | |||
"POT-Creation-Date: 2018-01-03 22:34+0000\n" | |||
"POT-Creation-Date: 2018-01-17 19:04+0100\n" | |||
"PO-Revision-Date: 2017-01-24 22:43+0100\n" | |||
"Last-Translator: Jean-Pierre Giraud <jean-pierregiraud@neuf.fr>\n" | |||
"Language-Team: French <debian-l10n-french@lists.debian.org>\n" | |||
@@ -9877,20 +9877,20 @@ msgstr "" | |||
msgid "" | |||
"HTTP is an unencrypted transport protocol meaning that the whole " | |||
"communication with the remote server (or proxy) can be observed by a " | |||
"sufficiently capable attacker referred to commonly as man in the middle " | |||
"(MITM). Such an attacker can <emphasis>not</emphasis> modify the " | |||
"communication to compromise the security of your system through as APTs data " | |||
"sufficiently capable attacker commonly referred to as a \"man in the middle" | |||
"\" (MITM). However, such an attacker can <emphasis>not</emphasis> modify " | |||
"the communication to compromise the security of your system, as APT's data " | |||
"security model is independent of the chosen transport method. This is " | |||
"explained in detail in &apt-secure;. An overview over available transport " | |||
"explained in detail in &apt-secure;. An overview of available transport " | |||
"methods is given in &sources-list;." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"Various options are available to modify its behaviour which can be set in an " | |||
"&apt-conf; file ranging from proxy configuration to workaround for specific " | |||
"server insufficiencies." | |||
"Various options can be set in an &apt-conf; file to modify its behavior, " | |||
"ranging from proxy configuration to workarounds for specific server " | |||
"limitations." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -9904,17 +9904,17 @@ msgstr "Configuration utilisateur" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"The environment variable <envar>http_proxy</envar> is supported for system " | |||
"wide configuration. Proxies specific to apt can be configured via the " | |||
"wide configuration. Proxies specific to APT can be configured via the " | |||
"option <literal>Acquire::http::Proxy</literal>. Proxies which should be " | |||
"used only for certain hosts can be specified via <literal>Acquire::http::" | |||
"Proxy::<replaceable>host</replaceable></literal>. Even more finegrained " | |||
"control can be achieved via proxy autodetection detailed further below. All " | |||
"these options use the URI format <literal><replaceable>scheme</" | |||
"control can be achieved via proxy autodetection, detailed further below. " | |||
"All these options use the URI format <literal><replaceable>scheme</" | |||
"replaceable>://[[<replaceable>user</replaceable>][:<replaceable>pass</" | |||
"replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</" | |||
"replaceable>]/</literal>. Supported URI schemes are <literal>socks5h</" | |||
"literal> (SOCKS5 with remote DNS resolution), <literal>http</literal> and " | |||
"<literal>https</literal>. Authentification details can be supplied via &apt-" | |||
"<literal>https</literal>. Authentication details can be supplied via &apt-" | |||
"authconf; instead of including it in the URI directly." | |||
msgstr "" | |||
@@ -9923,8 +9923,8 @@ msgstr "" | |||
msgid "" | |||
"The various APT configuration options support the special value " | |||
"<literal>DIRECT</literal> meaning that no proxy should be used. The " | |||
"environment variable <envar>no_proxy</envar> with the same propose is also " | |||
"supported." | |||
"environment variable <envar>no_proxy</envar> is also supported for the same " | |||
"purpose." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -9939,7 +9939,7 @@ msgstr "" | |||
#| "store the requested archive files in its cache, which can be used to " | |||
#| "prevent the proxy from polluting its cache with (big) .deb files." | |||
msgid "" | |||
"Further more there are three settings provided for cache control with " | |||
"Furthermore, there are three settings provided for cache control with " | |||
"HTTP/1.1 compliant proxy caches: <literal>Acquire::http::No-Cache</literal> " | |||
"tells the proxy not to use its cached response under any circumstances. " | |||
"<literal>Acquire::http::Max-Age</literal> sets the allowed maximum age (in " | |||
@@ -9983,8 +9983,8 @@ msgstr "Configuration utilisateur" | |||
#| "<literal>ProxyAutoDetect</literal>." | |||
msgid "" | |||
"<literal>Acquire::http::Proxy-Auto-Detect</literal> can be used to specify " | |||
"an external command to discover the http proxy to use. The first and only " | |||
"parameter is an URI denoting the host to be contacted to allow for host-" | |||
"an external command to discover the HTTP proxy to use. The first and only " | |||
"parameter is a URI denoting the host to be contacted, to allow for host-" | |||
"specific configuration. APT expects the command to output the proxy on " | |||
"stdout as a single line in the previously specified URI format or the word " | |||
"<literal>DIRECT</literal> if no proxy should be used. No output indicates " | |||
@@ -10073,14 +10073,23 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-http.1.xml | |||
#, fuzzy | |||
#| msgid "" | |||
#| "The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used " | |||
#| "to enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be " | |||
#| "beneficial e.g. on high-latency connections. It specifies how many " | |||
#| "requests are sent in a pipeline. APT tries to detect and workaround " | |||
#| "misbehaving webservers and proxies at runtime, but if you know that yours " | |||
#| "does not conform to the HTTP/1.1 specification pipelining can be disabled " | |||
#| "by setting the value to 0. It is enabled by default with the value 10." | |||
msgid "" | |||
"The setting <literal>Acquire::http::Pipeline-Depth</literal> can be used to " | |||
"enable HTTP pipelining (RFC 2616 section 8.1.2.2) which can be beneficial e." | |||
"g. on high-latency connections. It specifies how many requests are sent in a " | |||
"pipeline. APT tries to detect and workaround misbehaving webservers and " | |||
"pipeline. APT tries to detect and work around misbehaving webservers and " | |||
"proxies at runtime, but if you know that yours does not conform to the " | |||
"HTTP/1.1 specification pipelining can be disabled by setting the value to 0. " | |||
"It is enabled by default with the value 10." | |||
"HTTP/1.1 specification, pipelining can be disabled by setting the value to " | |||
"0. It is enabled by default with the value 10." | |||
msgstr "" | |||
"Le réglage <literal>Acquire::http::Pipeline-Depth</literal> permet " | |||
"d'utiliser l'enchaînement HTTP (« HTTP pipelining », RFC 2616 section " | |||
@@ -10116,7 +10125,7 @@ msgstr "" | |||
#: apt-transport-http.1.xml | |||
msgid "" | |||
"<literal>Acquire::http::SendAccept</literal> is enabled by default and sends " | |||
"a <literal>Accept: text/*</literal> header field to the server for requests " | |||
"an <literal>Accept: text/*</literal> header field to the server for requests " | |||
"without file extensions to prevent the server from attempting content " | |||
"negotiation." | |||
msgstr "" | |||
@@ -10157,18 +10166,18 @@ msgstr "" | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"This APT transport allows the use of repositories accessed via the HTTP " | |||
"Secure protocol (HTTPS) also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was before that available in a <package>apt-" | |||
"transport-https</package> package. Note that a transport is never called " | |||
"directly by a user but used by APT tools based on user configuration." | |||
"Secure protocol (HTTPS), also referred to as HTTP over TLS. It is available " | |||
"by default since apt 1.5 and was available before that in the package " | |||
"<package>apt-transport-https</package>. Note that a transport is never " | |||
"called directly by a user but used by APT tools based on user configuration." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"HTTP is by itself an unencrypted transport protocol (compare &apt-transport-" | |||
"http;), which, as indicated by the appended S is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) which provides end-to-end " | |||
"http;), which, as indicated by the appended S, is wrapped in an encrypted " | |||
"layer known as Transport Layer Security (TLS) to provide end-to-end " | |||
"encryption. A sufficiently capable attacker can still observe the " | |||
"communication partners and deeper analyse of the encrypted communcation " | |||
"might still reveal important details. An overview over available " | |||
@@ -10178,9 +10187,8 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"The HTTPS protocol is based on the HTTP protocol and as such this " | |||
"implementation has the same relation meaning that all options supported by " | |||
"&apt-transport-http; are also available via <literal>Acquire::https</" | |||
"The HTTPS protocol is based on the HTTP protocol, so all options supported " | |||
"by &apt-transport-http; are also available via <literal>Acquire::https</" | |||
"literal> and will default to the same values specified for <literal>Acquire::" | |||
"http</literal>. This manpage will only document the options <emphasis>unique " | |||
"to https</emphasis>." | |||
@@ -10199,13 +10207,13 @@ msgid "" | |||
"certificate. An alternative certificate authority (CA) can be configured " | |||
"with the <literal>Acquire::https::CAInfo</literal> option and its host-" | |||
"specific option <literal>Acquire::https::CAInfo::<replaceable>host</" | |||
"replaceable></literal>. The option specifies a file is made of the " | |||
"concatenation of the CA certificates (in PEM format) creating the chain used " | |||
"for the verification of the path from the root (self signed one). If the " | |||
"remote server provides the whole chain during the exchange, the file need " | |||
"only contain the root certificate. Otherwise, the whole chain is required. " | |||
"If you need to support multiple authorities, the only way is to concatenate " | |||
"everything." | |||
"replaceable></literal>. The CAInfo option specifies a file made up of CA " | |||
"certificates (in PEM format) concatenated together to create the chain " | |||
"which APT should use to verify the path from your self-signed root " | |||
"certificate. If the remote server provides the whole chain during the " | |||
"exchange, the file need only contain the root certificate. Otherwise, the " | |||
"whole chain is required. If you need to support multiple authorities, the " | |||
"only way is to concatenate everything." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10213,8 +10221,8 @@ msgstr "" | |||
msgid "" | |||
"A custom certificate revocation list (CRL) can be configured with the " | |||
"options <literal>Acquire::https::CRLFile</literal> and <literal>Acquire::" | |||
"https::CRLFile::<replaceable>host</replaceable></literal> respectively. " | |||
"Like the previous option a file in PEM format needs to be specified." | |||
"https::CRLFile::<replaceable>host</replaceable></literal>. As with the " | |||
"previous option, a file in PEM format needs to be specified." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10225,15 +10233,15 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"When authenticating the server, if the certificate verification fails for " | |||
"some reason (expired, revoked, man in the middle, …), the connection fails. " | |||
"During server authentication, if certificate verification fails for some " | |||
"reason (expired, revoked, man in the middle, etc.), the connection fails. " | |||
"This is obviously what you want in all cases and what the default value " | |||
"(true) of the option <literal>Acquire::https::Verify-Peer</literal> and its " | |||
"host-specific variant provides. If you know <emphasis>exactly</emphasis> " | |||
"what you are doing, setting this option to \"false\" allows you to skip peer " | |||
"certificate verification and make the exchange succeed. Again, this option " | |||
"is for debugging or testing purpose only as it removes all security provided " | |||
"by the use of HTTPS." | |||
"what you are doing, setting this option to \"<literal>false</literal>\" " | |||
"allows you to skip peer certificate verification and make the exchange " | |||
"succeed. Again, this option is for debugging or testing purposes only as it " | |||
"removes all security provided by the use of HTTPS." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
@@ -10246,8 +10254,8 @@ msgid "" | |||
"2818, the name of the mirror is checked against the identity found in the " | |||
"certificate. This default behavior is safe and should not be changed, but if " | |||
"you know that the server you are using has a DNS name which does not match " | |||
"the identity in its certificate, you can set the option to \"false\", which " | |||
"will prevent the comparison to be done." | |||
"the identity in its certificate, you can set the option to \"<literal>false</" | |||
"literal>\", which will prevent the comparison from being performed." | |||
msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><title> | |||
@@ -10258,10 +10266,10 @@ msgstr "" | |||
#. type: Content of: <refentry><refsect1><refsect2><para> | |||
#: apt-transport-https.1.xml | |||
msgid "" | |||
"Beside the password based authentication available (see &apt-authconf;) " | |||
"HTTPS supports authentication based on client certificates as well via " | |||