On Tue, 11 Feb 2014, Colin Watson wrote:
On Tue, Feb 11, 2014 at 01:04:29PM +0000, Colin Watson wrote:I'm working on adding HTTPS support to d-i. Now, I know that we already have integrity by way of the GPG signature chain, but this isn't for that; this is in response to feedback Canonical has had from some Ubuntu customers (typically of the large and corporate variety) that they want to do all of their apt traffic over HTTPS to avoid people snooping on which packages various machines are installing.
Let me suggest that if they want to keep it a secret from people able to snoop on their network traffic, they might want to consider the much stronger protection of running their own mirror. Given the finite space of package sizes and deps, clever traffic analysis should be able to figure out which packages go over an HTTPS stream too, even if it'll be a bit harder than the plaintext stream.
That said, I don't mind more giving the users what they want, but I also see no way in which our mirror could provide usable HTTPS, so the mirror selection would likely be much smaller.
/Mattias Wadenstein