Re: HTTPS for Debian archive mirrors, and CAA
在 2017年9月18日星期一 CST 下午6:01:19，Julien Cristau 写道：
As such, the only service that is guaranteed to be available at these
names is HTTP. Offering HTTPS on these names means breakage whenever
they are pointed at a different mirror.
On 19.09.17 01:15, Boyuan Yang wrote:
The necessity of setting up https-enabled mirror sites has been discussed
several times before and there's no need to repeat it again here.
and some of us have several times explained that it can't be done with
current volunteer-supported debian infrastructure.
On 19.09.17 04:53, Shanker Wang wrote:
Also sorry to hear that. I hold the same view that it is necessary to
utilize https to prevent buggy ISP cache.
you are free to ask any mirror admin to run HTTPS on different addresses,
with different hostnames and whatever certificates.
Matus UHLAR - fantomas, firstname.lastname@example.org ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.