Archives
Archives
| From: | Ulrich Mueller <ulm@g.o> | ||
|---|---|---|---|
| To: | "Michał Górny" <mgorny@g.o> | ||
| Cc: | gentoo-dev <gentoo-dev@l.g.o> | ||
| Subject: | Re: [gentoo-dev] [RFC] Using HTTPS mirrors only in thirdpartymirrors (when possible) | ||
| Date: | Mon, 30 Sep 2019 05:04:39 | ||
| Message-Id: | w6g1rvyl6i3.fsf@kph.uni-mainz.de | ||
| In Reply to: | [gentoo-dev] [RFC] Using HTTPS mirrors only in thirdpartymirrors (when possible) by "Michał Górny" |
||
| 1 | >>>>> On Sun, 29 Sep 2019, Michał Górny wrote: |
| 2 | |
| 3 | > Why is it useful? In my opinion, the most important point is that it |
| 4 | > stops third parties from sniffing what the Gentoo hosts are fetching |
| 5 | > and using this information against them. |
| 6 | |
| 7 | It won't hide the fact that a connection was established. Also, the |
| 8 | transferred data are public, and we verify them on the client side by |
| 9 | a checksum. So the advantage of https is very limited here. |
| 10 | |
| 11 | Ulrich |
| File name | MIME type |
|---|---|
| signature.asc | application/pgp-signature |
| Subject | Author |
|---|---|
| Re: [gentoo-dev] [RFC] Using HTTPS mirrors only in thirdpartymirrors (when possible) | "Michał Górny" <mgorny@g.o> |