On Thu, Sep 2, 2021 at 9:06 PM Ansgar wrote: > Accessing www.debian.org will also not work on such systems (and unlike > deb.d.o that does not even offer non-https). It's not Debian's problem.
The Tor onion services offer alternatives to the https PKI: https://onion.debian.org/ > Is replacing deb.d.o by a non-CDN feasible? security.d.o mirrors were getting overwhelmed after Linux kernel updates, which is why that switched to the Fastly CDN, so probably not. Also, the entire point of the deb.d.o domain is that it be backed by a CDN. httpredir.d.o was an alternative CDN-like thing that was based on HTTP redirects to the mirror network. It had lots of problems, but now that we have a mirror checker and zzz-dists, perhaps it could work better. The mirror:// method in apt has probably improved since then too. Maybe http redirects to local mirrors could be feasible again, but it would take a lot of work. https://mirror-master.debian.org/status/mirror-hierarchy.html > As far as I know there is also at least https://cdn-aws.deb.debian.org/ > if you don't like Fastly. And there are other CDNs that could potentially be used. -- bye, pabs https://wiki.debian.org/PaulWise