daniels writes:
There are no signatures on individual .debs, so it's a security check to stop people hijacking servers, and redirecting the libc6 deb to a trojaned version, or the like. It's a deliberate omission.
How does not following redirects help, exactly? Surely the level of "hijack" required to add a redirect to the webserver configuration is just as high if not higher than that needed to replace the libc6 deb on the server itself.