[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HTTPS metadata in Mirrors.masterlist?

On Fri, 07 Apr 2017, Mattias Wadenstein wrote:

> On Thu, 6 Apr 2017, Axel Beckert wrote:
> >* https://ftp.se.debian.org/debian/ (ftp.no.debian.org seems to point
> > to the same host, but is not yet accessible via HTTPS due to not
> > being listed in the certificate)
> Hm, OK. We'll add ftp.no.d.o to our list of hostnames for LE.
> We've been a bit slow in announcing https support due to not being done with
> hardware updates to get CPUs that don't max out when filling the network
> link, but that replacement procedure is almost done.

I don't think ftp.*.debian.org providers should do https with that name.
We regularly point ftp.*.debian.org to other places when mirrors go away
temporarily, and the only service we guarantee the new target has is

Adding https just makes this a whole extra mess.

By all means offer https on your "base" hostname, like ftp.acc.umu.se,
but please don't do it on ftp.*.debian.org.

</mirroradm hat>
                            |  .''`.       ** Debian **
      Peter Palfrader       | : :' :      The  universal
 https://www.palfrader.org/ | `. `'      Operating System
                            |   `-    https://www.debian.org/

Reply to: