[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PATCH] manual: provide a download command

On 10/13/2017 10:43 PM, Cyril Brulebois wrote:
> Michael Stapelberg <stapelberg@debian.org> (2017-10-13):
>> Index: en/install-methods/boot-usb-files.xml
>> ===================================================================
>> --- en/install-methods/boot-usb-files.xml	(revision 70855)
>> +++ en/install-methods/boot-usb-files.xml	(working copy)
>> @@ -41,8 +41,12 @@
>>  Alternatively, 
>>  for very small USB sticks, only a few megabytes in size, you can download
>>  the <filename>mini.iso</filename> image from the <filename>netboot</filename>
>> -directory (at the location mentioned in <xref linkend="where-files"/>).
>> +directory:
>> +<informalexample><screen>
>> +<prompt>#</prompt> <userinput>wget http://deb.debian.org/debian/dists/stretch/main/installer-amd64/current/images/netboot/mini.iso</userinput>
>> +</screen></informalexample>
>> +
> Please don't encourage people to download installation images over HTTP,
> especially not when HTTPS is available…

Note: https://www.debian.org/releases/stretch/amd64/ch04s02.html.en is
the canonical link the "where-files" xref links to. That points to a
HTTP-only http.us.debian.org, which is internally composed from

From urls.ent that's because &disturl; embeds &url-archive; which embeds
&archive-mirror;, which is http.us.debian.org. There are also various
HTTP-only links in there.

Should we go and just replace that with deb.debian.org, which presumably
has all architectures, and convert (most of) the links to HTTPS?

We could then still apply Michael's patch, as long as we use
&url-debian-installer; properly for the URL. (The link wouldn't work
as-is anyway because it should use &releasename; instead of hard-coding

Kind regards and thanks
Philipp Kern

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: