On 19/05/15 13:07, Kai Bojens wrote: > On 17-05-15 10:35:55, Gordon Messmer wrote: > >> https doesn't improve your privacy in this application. > > No, but it makes it a little bit harder for third parties > to gather all these information. That seems to be a worthy > goal for me. We can likely make the mirrorlist content available on https fairly easily, and encourage other mirrors to also offer urls that run over https. The other challenge with mirror.centos.org is also driven by it being a network run on donated hardware, not sure if we want to put the https certs on machines that other people can get hands-on easily. -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc