On 19/10/2022 13:56, Vitaly Zaitsev via devel wrote:
On 19/10/2022 10:31, Neal Gompa wrote:
HTTPS does not help with that. It's just a transport protocol.
It will. All requests will be encrypted. ISP will only see server's
IP-address and its hostname (only if SNI is enabled).
HTTPS does not automatically add privacy for users of mirrors. See for
example the excellent Debian related website and OpenBSD presentation
about how you can still identify downloaded packages even when using HTTPS.
[1] https://whydoesaptnotusehttps.com/
[2] https://www.openbsd.org/papers/eurobsdcon_2018_https.pdf
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
