18 Jun
2015
18 Jun
'15
1:36 a.m.
Toby Corkindale <toby@dryft.net> writes:
I know I can use acquire::http::proxy in apt.conf.d to set a proxy server, but this seems to make it used for both HTTPS and HTTP traffic -- however I only want to use it for HTTP traffic.
Probably not helpful, but: Just don't use TLS for apt repos? What's the threat model that you're trying to address by using apt-transport-https ? apt's "is this package haxxed?" relies entirely on the Release file being signed by a GPG key in apt-key's keyring (plus a chain of md5/sha1/sha2-sums). So AFAICT the only gain from TLS is the ability to conceal (from your ISP) which packages you've downloaded. What am I missing?