Re: HTTPS needs to be implemented for updating
Peter Lawler:
>
>
> On 18/12/16 22:03, Christoph Moench-Tegeder wrote:
>> second point requires a lot of work
>> to resolve.
>>
>> Regards,
>> Christoph
>>
>
> Monday morning yet-to-be-caffienated thoughts...
>
> I'm going to ignore the 'inconvenience' because I think in this case
> that's a specious argument.
>
> I acknowledge there's a bucketload of work to implement this. Just gets
> me to thinking, staging a switch over may be better. eg, a new apt
> config for https as either 'required' 'desired' and 'off'. This reduces
> the initial workload. Start with the default 'off', then at some future
> release move to 'desired' then 'required'.
>
> Further, I suggest perhaps an automated survey of the major mirrors to
> find which ones already support https may be in order. Perhaps the
> resultant data could be used by the apt-transport-https package for now,
> as well as deciding when the above mentioned switch over might occur.
>
> As I say, decaffienated Monday morning thoughts.
>
Here's a script I wrote to do just that, find all Debian mirrors that
support HTTPS:
https://gist.github.com/eighthave/7285154
.hc
Reply to: