hey folks--
i played around with augmenting a tails 3.12.1 installation today by
adding an external apt repository, and found that i needed to add
apt-transport-https (the repo in question was https-only). But
apt-transport-https doesn't actually work on Tails 3.12.1, because it's
not automagically wrapped in torsocks the way that, say, wget is.
I don't want to relitigate
https://redmine.tails.boum.org/code/issues/8143, but i'm wondering
whether it would make sense to ship tails with apt-transport-https with
a torsocks wrapper, so that these https repositories (which are at the
very least no *worse* than http repos) would at least work for people.
I believe that buster will ship with https transport baked into apt, and
i don't know what the tails release schedule is for that, but i wanted
to flag this as a potential concern for any buster-based tails releases
as well.
any thoughts about what kind of work is worth doing to smooth this path
for Tails users that might want to add an https apt repo? or is that
explicitly out-of-scope and therefore unsupported?
--dkg
