I stand corrected. I learned somthing new today Thanks On 6 February 2020 12:54:03 GMT, Ian Campbell <i...@debian.org> wrote: >On Thu, 2020-02-06 at 07:41 +0000, Andy Simpkins wrote: >> It isn't safe to mirror security patches because we can not assure >> the integrity of the updates on a mirror server. > >The security mirrors are secured by by apt using the same cryptographic >signatures as the other suites, so that's not true, they can be >mirrored just fine (at least in principal, I don't know how much of the >mirror network actually carries them). > >I think the real reason the default security sources are the >main/central one is to reduce the latency in getting critical/urgent >fixes out (i.e. no need to wait for a mirror pulse), but if that >doesn't work for a given setup there's no reason not to change to use a >mirror, it looks like deb.debian.org supports security so presumably >that's a good bet. > >Ian.
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
