Thank you for support, so is the https enabled repository coming up? Marek
On 10/26/2017 08:19 PM, Christoph Biedl wrote: > 林博仁 wrote... > >> I believe that there's no benefit on accessing Debian archive with HTTPS as >> they uses GnuPG for authentication > > GnuPG indeed serves the purposes of authenticity and integrity very > well. Modulo bugs every now and then, but they happen on other layers as > well. > > Also, nobody should rely on the privacy in this case since the server > content is public and the clients have a fairly simple access pattern. > Decoding the transfers from this isn't trival but seems doable with some > effort - one day I'll write a prove of concept for this. > > There is however a reason for https, a sad one though: Braindead > "security" applicances that do deep packet inspection and might reject > the download of packages. > > Christoph >
signature.asc
Description: OpenPGP digital signature