Re: Bug#992692: general: Use https for {deb,security}.debian.org by default
Control: tags -1 + moreinfo
On Sun, Aug 22, 2021 at 09:56:57PM +0900, Hideki Yamane wrote:
> As we discussed on -devel(*), it seems that we can enable https for
> {deb,security}.debian.org by default. With this bug report, I'll
> collect related things and fix it.
I believe that the discussion has later identified that doing so would
break squid-deb-proxy-client and auto-apt-proxy. Given that the security
benefits are not strong (beyond embracing good habits), I think the
reasonable thing to do is keep preferring http.
Caching packages and transport level encryption are fundamentally
incompatible. Possibly it would make more sense to offer users a choice
between performance and privacy on installation?
Helmut
Reply to: