Bird debian repo now over https only?
Florian Lohoff
f at zz.de
Sun Oct 14 22:12:16 CEST 2018
Hola,
On Fri, Oct 12, 2018 at 01:44:55PM -0500, Jonathan Stewart wrote:
> I had to install apt-transport-https on debian 9 to reach the
> repositories.
>
> Personally, i was more surprised debian didn't support HTTPS by
> default rather than surprised that BIRD is deprecating HTTP. The
> deprecation of HTTP is happening everywhere.
The integrity of debian packages is guranteed by their hash
in the Packages file which is signed by a gpg signature.
So https is not needed for integrity and fetching from
a debian mirror does not need confidentially.
https has the disadvantage of not beeing cachable. For large
container/vm deployments that means that every requests
hits the debian infrastructure unless you create a full
mirror. So not enabling https or better continue
to offer http is a well thought decision.
Flo
--
Florian Lohoff f at zz.de
UTF-8 Test: The 🐈 ran after a 🐁, but the 🐁 ran away
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20181014/5b46e12b/attachment.sig>
More information about the Bird-users
mailing list