Hi, while I invested some time in the past updating thirdpartymirrors to add HTTPS where possible too, I see no point in dropping non-HTTPS mirrors:
Just make sure that HTTPS mirrors are listed first. From security point of view, we don't get anything from HTTPS because we maintain and validate checksums for distfiles and thirdpartymirrors file is only used for distfiles. -- Regards, Thomas Deutschmann / Gentoo Linux Developer C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
signature.asc
Description: OpenPGP digital signature
