Hans-Christoph Steiner <h...@at.or.at> writes: > I should add: apt-transport-tor is a great project to improve this situation > as well that is probably more secure than HTTPS, but at a cost of probably > much slower download speeds. Using an apt mirror with an onion address would > entirely supplant HTTPS. > > So don't get me wrong, I don't think HTTPS is a great system, what I'm saying > is that the current state of apt mirrors (HTTP and GPG signing) is not > enough. HTTPS can help, especially when used with some kind of > certificate/SPKI pinning. Tor can help too, especially when used with onion > addresses.
Are there any mirrors with a hidden service onion address? If so, I would like to know where! Are there any mirror operators out there who might be interested in adding a tor hidden service, but don't know how? If so, contact me, I'd be happy to help you set it up. micah
pgpWPzlVCRj4v.pgp
Description: PGP signature
