Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

On Tue, 2018-03-27 at 09:24 +0200, Martin Monperrus wrote: > If some primary mirrors support HTTPS with a proper certificate As Rhonda and I said before, that isn't possible because of the requirements on the ftp.*.debian.org domains. > What would be great is a list of all mirrors which support

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

> Martin was talking about tracking https availability for the secondary > mirrors, which don't have an associated ftp.*.debian.org DNS record. > If some primary mirrors support HTTPS with a proper certificate, that would be useful as well (eg https://ftp.am.debian.org/debian/ doesn't). What

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

On Mon, Mar 26, 2018 at 10:11 PM, Rhonda D'Vine wrote: > Right, but DNS for the primary ones, and pointing them towards a server > that isn't under their control would mean that they'd have to carry a > *.debian.org wildcard certificate. Which won't happen for non-DSA > operated infrastructure.

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

* Paul Wise [2018-03-26 15:52:45 CEST]: > On Mon, Mar 26, 2018 at 9:39 PM, Rhonda D'Vine wrote: > > * Martin Monperrus: > >> Would it make sense to keep track of valid https support for the > >> secondary mirrors? > > > > Actually the issue still holds: The mirror team needs to

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

On Mon, Mar 26, 2018 at 9:39 PM, Rhonda D'Vine wrote: > * Martin Monperrus: >> Would it make sense to keep track of valid https support for the >> secondary mirrors? > > Actually the issue still holds: The mirror team needs to repoint > mirrors to other servers at times and thus the certificate

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

Hi Martin, * Martin Monperrus [2018-03-26 11:54:12 CEST]: > Hi Pabs, > > > The Debian mirror team don't keep track of https support for the > > secondary mirrors > > Would it make sense to keep track of valid https support for the > secondary mirrors? Actually

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

On Mon, Mar 26, 2018 at 5:54 PM, Martin Monperrus wrote: > Would it make sense to keep track of valid https support for the > secondary mirrors? If it could be done automatically I guess. Please contact the mirror team about this. -- bye, pabs https://wiki.debian.org/PaulWise

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

Hi Pabs, Thanks for your answer. > The Debian mirror team don't keep track of https support for the > secondary mirrors Would it make sense to keep track of valid https support for the secondary mirrors? Best,--Martin

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

On Sun, Mar 25, 2018 at 5:37 AM, Martin Monperrus wrote: > Switching my APT config to HTTPS, I notice that many mirrors either do not > support HTTPS or have untrusted HTTPS certificates This isn't something the Debian website team can fix, please contact the admin for each mirror individually.

Bug#893980: www.debian.org: Many mirrors have no or untrusted HTTPS certificates

Package: www.debian.org Severity: normal Dear Maintainer, Switching my APT config to HTTPS, I notice that many mirrors either do not support HTTPS or have untrusted HTTPS certificates (eg https://mirror- csail.debian.org/) It would be great to update the reference page