-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A long time ago, in a galaxy far, far way, someone said...
> >btw, i'm getting timeouts on security.debian.org too (looks like > >it's hosted from the same network as non-us) > > I can't find a mirror of security.debian.org. Is there one? There isn't one. Ethan Benson posted to debian-user sometime in the last week or two why: it basically comes down to "how do you know the package wasn't tampered with after it was downloaded from security.debian.org?" (IIRC). Once apt can check pgp/gpg keys I'm sure their'll probably be some "official" mirrors set up. That said, there's nothing keeping you from mirroring it yourself for local use - I do that myself, just for situations like this. One of my mirrors is on tux.creighton.edu. The entry for sources.list is deb http://tux.creighton.edu/debian potato updates/main if you want to trust that I haven't altered anything :) The entire tree should be there, with the exception of the slink updates. - -- - ---------------------------------------------------------------------- Phil Brutsche [EMAIL PROTECTED] GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC GPG key id: 50DE1CFC GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6sZBg/ZTSZFDeHPwRAjK7AKDNVBV9GyAYw0UZQPY6ytBj4+ifDACfYdmK 4FSduXHjdOp6sMIc2Qicg0s= =+OJk -----END PGP SIGNATURE-----
