Just to be clear (and I realise I never specified that), I was merely
talking about the "files" mirror, aka the CD/DVD ones.
I was *not* discussing the package ones, for which, as I stated from
the very start, the APT protocol ensures integrity/authentication with
help from GPG.
This has been repeated several times by different people in various ways.
Hence, talking about the installation media, even if people manually
verify signatures (no added security if server is compromised), at least
HTTPS would ensure channel protection. Some could also argue privacy
relative to URL paths.
Anyone on this?
Bernard (Beer) Rosset
https://rosset.net/