[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Introducing http.debian.net, Debian's mirrors redirector


On 22.06.2012 15:57, green wrote:
> For what it is worth, I was puzzled by the "announcement" because it seemed 
> to be on an "official" domain but did not seem to be announced through 
> "official" channels.  So I agree with Raphael on this; it would be nice to 
> make that clear in announcements and on the http.debian.net page.  Please 
> take that as a suggestion for making a good idea even better with regard to 
> Debian.

Actually, Raphael sent it to debian-devel-announce which addresses,
well, developers. They are supposed to know the difference.

Having that said, this list is a established mean to broadcast
debian.net services (as a random example [1]).

Furthermore I fail to see why http.debian.net would be better or worse
than cdn.debian.net or whatever else may exist in the debian.net name
space. You do not seem to be worried about these names, however. So
please, calm down and thank Raphael for a service which is certainly
improving the situation.

As he said, it just exists as a staging service on debian.net until the
service is matured enough that DSA accepts it as an official(tm) Debian

> I feel that I am forced, for the sake of security (even if misguided), to 
> always differentiate between "official" Debian and other services, hence the 
> concern about official versus not.

You trust Raphael already by using his packages. At least there is no
reason to trust him less than any other random Debian mirror provider.
The good news is, you don't even need to. Neither has him nor any mirror
provider authority over the Debian archive signing key and your apt
checks that carefully when downloading archive meta data upon the
installation of packages.

[1] https://lists.debian.org/debian-devel-announce/2012/01/msg00000.html
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: