[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: When should we https our mirrors?

Philipp Kern <pkern@debian.org> (2016-10-17):
> On 10/17/2016 05:39 PM, Cyril Brulebois wrote:
> > AFAICT from a recent https deployment, apt will perform a TLS handshake
> > for each and every file it downloads from the mirror; including indices,
> > translations, pdiffs, and finally debian packages.
> Last I checked it pipelined within a single TLS connection (well, one
> per host). A casual Wireshark seems to confirm that.

Ah. What I saw might have been due to client cert auth then? I guess I
should revisit this setup when I find more time. There's also Pipeline-
Depth option's being advertised as not supported for https, too.


Attachment: signature.asc
Description: Digital signature

Reply to: