On 10/12/2010, at 12:18 AM, Markus Läll wrote: > My take on the issue is that we should make it possible to easily mirror > hackage (what the OP asked for), so that people could use it when they wanted > to, and have a list of the mirrors on the wiki. This way those who are > interested can use them. Like when the mirror is faster/closer to them or to > help out when hackage is temporarily down. Those who need the security can > choose not to use mirrors, or make their own (private), or develop a secure > scheme, when it doesn't exist yet.
Have I misunderstood something? I thought "X is a mirror of Y" meant X would be a read-only replica of Y, with some sort of protocol between X and Y to keep X up to date. As long as the material from Y replicated at X is *supposed* to be publicly available, I don't see a security problem here. Only Y accepts updates from outside, and it continues to do whatever authentication it would do without a mirror. The mirror X would *not* accept updates. _______________________________________________ Haskell-Cafe mailing list [email protected] http://www.haskell.org/mailman/listinfo/haskell-cafe
