[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: HTTPS needs to be implemented for updating

Peter Lawler:
> On 18/12/16 22:03, Christoph Moench-Tegeder wrote:
>> second point requires a lot of work
>> to resolve.
>> Regards,
>> Christoph
> Monday morning yet-to-be-caffienated thoughts...
> I'm going to ignore the 'inconvenience' because I think in this case
> that's a specious argument.
> I acknowledge there's a bucketload of work to implement this. Just gets
> me to thinking, staging a switch over may be better. eg, a new apt
> config for https as either 'required' 'desired' and 'off'. This reduces
> the initial workload. Start with the default 'off', then at some future
> release move to 'desired' then 'required'.
> Further, I suggest perhaps an automated survey of the major mirrors to
> find which ones already support https may be in order. Perhaps the
> resultant data could be used by the apt-transport-https package for now,
> as well as deciding when the above mentioned switch over might occur.
> As I say, decaffienated Monday morning thoughts.

Here's a script I wrote to do just that, find all Debian mirrors that
support HTTPS:



Reply to: