Allow TLS connection by default


allowing https repo is very great and important, but when i change the repo from http to https it really contains many connection errors which took ages to update/upgrade. hope it can be fixed and enabled by default.

(Amzker Pro Hacker) #2

Well i , personally won’t think
That this is much important

BTW connection error
Possible error in your configuration
Https working perfectly


well maybe you have heard apt http flaw + some surveillance countries tries to manipulate http connections as reported through FF or Qubes …etc.

so for users safety sake it is important.

not with my test i dunno why. but still its not enabled by default.

(Matt) #4

https doesnt really make apt any more secure. Also we dont have control over all our mirrors, so most would break if we forced https.

(Matt) #5

If you are talking about CVE-2019-3462, our version of apt isn’t vulnerable.

  • From the same link you provided:

However there may be other security benefits to using HTTPS for apt updates, in that it should greatly increase the difficulty for a man-in-the-middle attacker to exploit future bugs in APT, or to temporarily delay the delivery of Release files to end users.

  • Add to it for another issue reported by some folks in the middle east:


yeah I saw that as well and I’m thinking https/TLS might be worth a second look.

Security in layers. :slight_smile: