[manjaro-mirrors] Requiring HTTPS for repo mirrors
Jonathon Fernyhough
jonathon at manjaro.org
Fri Mar 31 09:29:17 CEST 2017
How many people set up an HTTP caching proxy that caches files larger
than 5 or 10MB?
Why are people using an HTTP cache instead of running an internal mirror
(or even just copying packages from one machine to a networked file store)?
What benefits of HTTPS would outweigh HTTP caching?
On 31/03/17 03:04, Dietrich Daroch wrote:
> HTTPS kills all the caching on the internet infrastructure for not too
> much. It does makes sense to gather the signatures through HTTPS though.
>
> On Thu, Mar 30, 2017 at 5:28 AM, Jonathon Fernyhough
> <jonathon at manjaro.org <mailto:jonathon at manjaro.org>> wrote:
>
> Multiple mirrors (16?) now provide access via HTTPS.
>
> Is it time to make HTTPS a requirement for mirrors?
>
> I say yes. :)
>
> J
>
> (cross-posted to manjaro-dev, manjaro-mirrors)
>
More information about the manjaro-mirrors
mailing list