| 1 |
On Fri, Feb 12, 2021, 04:37 Joonas Niilola <juippis@g.o> wrote: |
| 2 |
> |
| 3 |
> Hey, |
| 4 |
> |
| 5 |
> First of all I'm asking because I don't know, but are there any |
| 6 |
> technical limitations why we should still be showing http:// mirrors |
| 7 |
> when https:// is available? I've just gone through multiple mirrors |
| 8 |
> listed in https://www.gentoo.org/downloads/mirrors/ and most of them |
| 9 |
> even redirect http requests to their https site. |
| 10 |
> |
| 11 |
|
| 12 |
So my recollection is that on the install media, openssl has |
| 13 |
USE=bindist[0] set, which prevents installation of EC TLS support. I |
| 14 |
expect this to be resolved ..hopefully this year. The impact is that |
| 15 |
on the installation media, you may not be able to talk to servers that |
| 16 |
*only* offer EC-based TLS, as the openssl on the installation media |
| 17 |
does not support EC-based TLS. |
| 18 |
|
| 19 |
[0] Because patents, which may or may not be expired. See |
| 20 |
http://bugs.gentoo.org/531540 |
Archives