Jean Louis said: > Each package may be copied to GNU and distributed in parallel from > GNU servers by GNU helpers and problem could be solved.
We cannot forget that many projects have documentation outside of the distributed package; documentation that is official and served only from the project websites. Among that documenation, much of it is wiki-ized. And exclusively in the case of gnuradio, it's also in a corporate walled-garden. At the same time, centralizing everything on a single GNU server creates a single point of failure security issue. Possible fix: Suppose there were a GNU CDN running on one of the free CDN packages you pointed to earlier, whereby projects and trusted univerisities could volunteer to run peer nodes that mirror all GNU web content. Such a network would further eliminate any excuse a GNU project might attempt to use as justification for CloudFlare. It would reduce shenanigans that subject public resources to private clubs. Even if it were voluntary for GNU projects to use GNU CDN, eliminating excuses to follow the freedom-hostile approach of GNU Radio Foundation, Inc. is important. Note that a GNU CDN would still be centralized, and exposed to compromises like that of CloudBleed on CloudFlare. And worse, I suspect user accounts (names and passwords) would be exposed to the GNU CDN nodes (just as usernames and passwords of all CloudFlare sites are exposed to CloudFlare). So ideally anything that needs a login would probably have to be excluded from the GNU CDN. Documation updates would best be done by the same mechanism as software updates, although that doesn't solve the wiki problem. -- Please note this was sent anonymously, so the "From:" address will be unusable. List archives: https://lists.gnu.org/archive/html/security-discuss https://lists.gnu.org/archive/html/gnu-system-discuss will be monitored.