On Sun, Oct 23, 2016 at 10:45 AM, Ivan Shmakov <i...@siamics.net> wrote: > use TLS /alongside/ the usual Debian/APT signatures – not > instead of them; and the primary goal is to improve user’s > privacy. That is: only the mirror operator will remain >
Exactly right. The point is to improve privacy. Integrity of packages is not directly vulnerable unless more APT / GPG / parsing vulnerabilities are identified publicly (NSA surely has some privately). HTTPS+HPKP doesn't make anything weaker and actually would also help limit those unknown parsing vectors outlined previously. -- Regards, Kristian Erik Hermansen https://www.linkedin.com/in/kristianhermansen