Ansgar Burchardt <ansgar@debian.org> (2014-08-17): > incoming.debian.org is used to publish recently uploaded source and > binary packages before they reach the mirror network of the main > archive. Until now, however, with the exception of the buildd network, > it has not been possible to verify the integrity of the files. This was > traditionally because we did not want to load ftp-master.debian.org by > many users downloading files. > > Several people informed us that it would make their work on Debian > easier, if they had a way to securely access these packages. So we > decided to implement some changes to incoming.debian.org: > > First, the archive used by buildds is now publically accessible in > http://incoming.debian.org/debian-buildd/. This location provides access > to all recently uploaded packages, split into individual suites, and > provides the neccessary metadata for APT to verify the integrity of the > published files. See [1] for details. > > [1] <http://incoming.debian.org/HEADER.html> > > Secondly, source and binary packages are no longer published directly on > http://incoming.debian.org/. Instead, people are encouraged to use the > pool layout described above which is configured per-suite and contains > Release files which have been signed in the normal way. > > We would also like to thank the Debian System Administration team who > quickly setup the static mirror setup for the new incoming.d.o, thus > making this possible. We would also like to thank the wanna-build and > buildd team for making the relevant changes to the buildds quickly so > that we could make this change live. Being one of the developers (particularly) enjoying such a move: thank you very much, all of you. Mraw, KiBi.
Attachment:
signature.asc
Description: Digital signature