Non https Arch Update Servers?

Do you trust the non https(http) Arch update servers, or am i being overly cautious?

1 Like

The important thing is package signature checking. If the sigs are okay, you should be fine.

2 Likes

I use the https, but I would have no fear of the http.

3 Likes

Thanks @anon3337769 , @anon31687413

2 Likes

Nope, i don’t - i use only https :yum:

4 Likes

EndeavourOS mirrors are all https…
Arch mirrors (that we use too) have both.

Http mirrors can be slightly faster, but anyway I’d recommend using only https mirrors if possible.

8 Likes

Thanks @keybreak, @manuel

2 Likes