Hi, On 19-08-2021 21:46, Simon Richter wrote: > For the most part, users would configure https if they are behind a > corporate firewall that disallows http, or modifies data in-flight so > signature verification fails, everyone else is better off using plain http.
Except for the security archive, where https can prevent a man-in-the-middle from serving you outdated information and thus deprive you from updates. Paul
OpenPGP_signature
Description: OpenPGP digital signature
