Creating a mirror might be overkill for you & me - but it might be the kind of control @mate2go needs to feel that the packages that are on his system are "untainted" & there are no backdoors present - even with gpg key verification.
I know all to well that the biggest security vulnerability in any system is located between the screen and the chair - everything else is superfluous after that.
So I'm not that paranoid about the hardware/software side of security equation. Especially when you come to the realisation that all open source software runs on proprietary hardware. How secure is this proprietary hardware? Are there any backdoors built in? Anyone's guess is as good as mine! Open hardware will eventually change all of that - but until we have both open hardware & open software - talking about security is just a mental exercise. You can put the best possible lock on a door - but if you don't know what the door is made of - it could be Styrofoam for all you know - the lock won't do much good!
Thank you all for tolerating my rant! 