On Sun 15 Aug 2021 at 09:52:01 -0500, David Wright wrote: > On Sun 15 Aug 2021 at 15:36:05 (+0100), Brian wrote: > > On Sun 15 Aug 2021 at 16:13:51 +0200, Hans wrote: > > > > > Yeah, not quite. I was already aware, that https won't improve security > > > much. > > > > > > I just wondered, why the docu once is telling "use https" and once > > > "http". If > > > only using https or either http, this would not create confuseness. > > > > > > Looks like I am too critical. am I not? :) > > > > There isn't any such thing as being "too critical" when it comes to > > technical matters :). > > > > A link to the page you were looking at might help. > > I assume this refers to § 5.1.3 in the Release Notes. > > A browser has no problem reaching the site with/without the http"s", > but I don't know about APT. However, the OP had the (usual) syntax > error, so that may be the cause of their specific problem.
I asked on -doc but there isn't any definitive answer yet. So then I looked to see what the bullseye installer does when configuring the package manager. The protocol choice is still between http, https and ftp. I chose http as I always have done. The lines put in /etc/apt/sources.list both begin with http://. Back to the menu and select https. No choice of country mirroe is allowed. The only offering is deb.debian.org. I assume that is because it is the only mirror that can be assumed to support https. The security mirror is still http://... . The other is https://... . My conclusion is that the line in § 5.1.3 in the Release Notes is either an overenthusiastic entry or a typo. Either way the advice there should really be consistent with what the installer does, even if it does not lead to any problems. -- Brian.