On 04/07/2013 09:36 AM, Christian Theune wrote:
I can see that this would be useful. However, my current knowledge is that the way to authenticate the packages will change in the "near" future: Richard Jones mentioned that "the update framework" would be interesting for this. I do not know yet what the implications for the mirrors will be, but I don't want to invest too much time into complexity that I need to rework in the near future.
Indeed, we are working on this as I write this. I am obtaining some results on how large TUF metadata would be in describing PyPI. I will email some results very soon.
_______________________________________________ Distutils-SIG maillist - [email protected] http://mail.python.org/mailman/listinfo/distutils-sig
