Re: Q: Use https for {deb,security}.debian.org by default

To: debian-devel@lists.debian.org
Subject: Re: Q: Use https for {deb,security}.debian.org by default
From: Simon Richter <sjr@debian.org>
Date: Thu, 19 Aug 2021 21:46:04 +0200
Message-id: <[🔎] 5790d751-dda8-fab6-601d-ebd8e30433c5@hogyros.de>
In-reply-to: <[🔎] 20210819223820.fb4a3f7ab23da92a685fe4ce@iijmio-mail.jp>
References: <[🔎] 20210819223820.fb4a3f7ab23da92a685fe4ce@iijmio-mail.jp>

Hi,

On 8/19/21 3:38 PM, Hideki Yamane wrote:

  Now deb.debian.org and security.debian.org provide https access
  but created sources.list file use http for those. Is there any
  reason to use http instead of https for them? (traffic, policy,
  etc...) If not, how about to change it?

There is little benefit to do so, it just increases processing overheadand breaks caching proxies, most importantly transparent proxies inlarge hosting companies and large container deployments.

For the most part, users would configure https if they are behind acorporate firewall that disallows http, or modifies data in-flight sosignature verification fails, everyone else is better off using plain http.


   Simon

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: Q: Use https for {deb,security}.debian.org by default
  - From: Paul Gevers <elbrus@debian.org>
- Re: Q: Use https for {deb,security}.debian.org by default
  - From: Kyle Edwards <kyle.edwards@kitware.com>

References:
- Q: Use https for {deb,security}.debian.org by default
  - From: Hideki Yamane <henrich@iijmio-mail.jp>

Prev by Date: Re: WARNING: dh_installsystemd is moving unit files to /usr/lib/systemd/system
Next by Date: Re: Q: Use https for {deb,security}.debian.org by default
Previous by thread: Re: Q: Use https for {deb,security}.debian.org by default
Next by thread: Re: Q: Use https for {deb,security}.debian.org by default
Index(es):
- Date
- Thread