All Projects apt-panopticon  apt-panopticon_cgp boxes meta-impy  ImpyReleaseBuilder NPC-tool SledjHamr  IGnoble  NGIW  opensim-SC toyboxInstaller website - cgit website - CGraphz website - Mantis

View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000159apt-panopticonBugpublic2020-03-10 00:172020-03-10 00:34
Reporteronefang Assigned Toonefang  
PriorityhighSeveritymajorReproducibilityalways
Status assignedResolutionopen 
Product Version0.1 
Summary0000159: HTTPS -> HTTP redirects of /DEBIAN-SECURITY/ are actually valid.
DescriptionBut I currently mark them as WARNING.

There might be other similar things.
TagsNo tags attached.

Activities

onefang

onefang

2020-03-10 00:34

administrator   ~0000280

Also I should rethink this a bit. Normally a redirection that changes the scheme would be legal, that's why people redirect to HTTPS in the first place.

HTTP -> HTTPS on DNS-RR and for people with no apt-transport-https is ERROR.

HTTPS -> HTTP for things where no HTTPS is allowed per Debian / Devuan policy is good, like DNS-RR.

I'll have to read up on Debian mirror policy.

Issue History

Date Modified Username Field Change
2020-03-10 00:17 onefang New Issue
2020-03-10 00:17 onefang Status new => assigned
2020-03-10 00:17 onefang Assigned To => onefang
2020-03-10 00:34 onefang Note Added: 0000280