[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Default security sources are slow very much.

On Thu, 2020-02-06 at 07:41 +0000, Andy Simpkins wrote:
> It isn't safe to mirror security patches because we can not assure
> the integrity of the updates on a mirror server.

The security mirrors are secured by by apt using the same cryptographic
signatures as the other suites, so that's not true, they can be
mirrored just fine (at least in principal, I don't know how much of the
mirror network actually carries them).

I think the real reason the default security sources are the
main/central one is to reduce the latency in getting critical/urgent
fixes out (i.e. no need to wait for a mirror pulse), but if that
doesn't work for a given setup there's no reason not to change to use a
mirror, it looks like deb.debian.org supports security so presumably
that's a good bet.


Reply to: