I think it would be a good idea to make bootstrap-prefix.sh available over TLS/SSL. I see the majority of Gentoo's website already is. Also, if you could generate checksums to verify the download's integrity, that would be great. Thanks. Reproducible: Always
couple of things here: - rsync.prefix.bitzolder.nl is a DNS rotation for which no SSL cert was setup (can do) - rsync1.p.b.n do have SSL cert setup - the cert setup is one signed by BitZolder CA, which is not in any default chain, hence verfication will not be possible (unless you trust the CA) - the only way to get a valid SSL setup is move the location to dev.gentoo.org - generating checksums can be done separately in the rsync generation step
Fetching from https://gitweb.gentoo.org/ works. Thank you.
gitweb works, ssl is now also available from rsync.* https signed with Let's Encrypt.