:: Re: [devuan-mirrors] Mirror devuan.…
Αρχική Σελίδα
Αυτό το μήνυμα είναι μέρος του ακόλουθου νήματος:
M+\το πλήρες δέντρο νημάτων ταξινομημένο κατά ημερομηνία
MMMHendrik Visage στο <-
Monefang στο ->
Delete this message
Reply to this message
Συντάκτης: Quantum Mirror
Ημερομηνία:  
Προς: devuan-mirrors
Αντικείμενο: Re: [devuan-mirrors] Mirror devuan.rosset.eu.org/devuan-files/ URL change
Hi,

> I see there is a different list for HTTP mirrors and it makes me
> wonder: isn't serving files over HTTP problematic? Contrary to the APT
> protocol, there is no embedded GPG signature check.

Most projects still use outdated software for monitoring (e.g.,
mirrorbrain), which only uses http or rsync protocols. (This was a
problem for TDF and many others back in 2016, now some of them switched
to mirrorbits and other solutions.)

By the way http is still good because if a "ca-certificate" package
(root-cert) update is not installed on the client computer before the
certs expire the client won't be able to update from a https mirror
because of the cert error... it happened in case of Linux Mint, and
their advice was to switch back to a http capable mirror...

Also it is a good fallback/testing point if something goes wrong with
the certbot or lest's encrypt's certs.

APT protocol? HTTPS? Read this article from former Debian project leader
and cry:
https://web.archive.org/web/20190121083122/https://whydoesaptnotusehttps.com/

GPG problem?

https://wiki.debian.org/SourcesList#Repository_URI

"Addresses often use http instead of https because Debian packaging
security is designed not to need a secure network."

And most importantly: you can use wget on http without the
--no-check-certificate option. :D

Other:

https://unix.stackexchange.com/questions/552934/how-can-i-force-apt-get-or-apt-to-use-only-https-connections

https://manpages.debian.org/bookworm/apt/apt-transport-https.1.en.html

Cheers,

Peter

On 2025-10-22 19:26, Bernard Rosset wrote:

> Hello,
>
> Would it be possible to change the registration for my mirror as
> follows?
> devuan.rosset.eu.org/devuan-files/ -> files.devuan.rosset.eu.org/
>
> No change of protocol: HTTPS only.
>
> I see there is a different list for HTTP mirrors and it makes me
> wonder: isn't serving files over HTTP problematic? Contrary to the APT
> protocol, there is no embedded GPG signature check.
>
> Cheers,
> Bernard (Beer) Rosset
> https://rosset.net/
> _______________________________________________
> devuan-mirrors mailing list
> devuan-mirrors@???
> Manage your subscription:
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/devuan-mirrors
> Archive: https://lists.dyne.org/lurker/list/devuan-mirrors.en.html
Το μήνυμα αυτό δημοσιεύτηκε στις ακόλουθες λίστες:
devuan-mirrors
Πληροφορίες για τις Ταχυδρομικές λίστες | Κοντινά μηνύματα		<-Re: [devuan-mirrors] Mirror devuan.rosset.eu.org/devuan-files/ URL change[devuan-mirrors] HTTP mirror support? - Was: Mirror devuan.rosset.eu.org/devuan-files/ URL change->

Donate to Dyne.org

dyne.org open discussions
διαχειριζόμενη από dyne.org hackers		Lurker (έκδοση2.3)