Package: general
Severity: wishlist
Since the beginning of F-Droid, we have required that official package repos and
mirrors use HTTPS. We have encouraged all of them to have HTTPS. I think
Debian should do the same. There are already very many Debian mirrors that do
support HTTPS, here's a script to find them:
https://gist.github.com/HacKanCuBa/e3a998d68a82f81dbf11f2cce4f26d04
If all Debian official mirrors supported HTTPS, then it would be much easier for
Debian systems to default to using HTTPS for apt repos. This is related to:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992692
