Re: sources.list 's security line
On Mon, Sep 06, 2021 at 07:29:19PM -0400, Jim Popovitch wrote:
> On September 6, 2021 5:05:45 PM UTC, Steve Dondley <s@dondley.com> wrote:
> > On 2021-09-06 05:53 AM, riveravaldez wrote:
> > > Hi,
> > >
> > > after reading the various sources of documentation (handbook,
> > > wiki, FAQs, Release Notes, etc.) I think I'm finding myself with
> > > kinda four options for the security line in /etc/apt/sources.list
> > > Those being:
> > >
> > > deb http://security.debian.org/debian-security bullseye-security main
> > >
> > > deb http://security.debian.org bullseye-security main
> > >
> > > deb https://deb.debian.org/debian-security bullseye-security main
> > >
> > > deb http://security.debian.org testing/updates main
> > >
> > > Which would be the right one(s)?
> > >
> > > Thanks a lot!
> >
> > I can't say for sure whether this is "right" or not but this is what I
> > have in my sources.list:
> >
> > deb http://security.debian.org/debian-security bullseye-security main
> > deb-src http://security.debian.org/debian-security bullseye-security
> > main
> >
>
> security.d.o and deb.d.o are both hosted on fastly servers, albeit
> different sets of servers. What is interesting to me is that the DNS for
> security.d.o is operated by Debian whereas the DNS for deb.d.o is run by
> fastly. I'm not sure that it matters but it is a significant difference
> between the two.
>
Security.d.o is a critical resource - I can see that Debian would want
to be in close control of that - you don't want someone hijacking your
source of security updates for the world..
deb.d.o is a scalable service so I can see that Fastly could look after that
as an alias to whatever the pool happens to be at any one given moment.
All best,
Andy C.
can see how Fastly would want
> -Jim P.
>
>
Reply to: