On Sunday 02 January 2011 02:20:13 John Morrissey wrote: > On Sat, Jan 01, 2011 at 06:46:26PM -0500, John Morrissey wrote: > > Starting on about 12 January, we will be automatically verifying the PGP > > and MD5 signatures for current source tarballs (those in distrib/source) > > on all mirrors. Based on the count and size of current releases, this > > will cause an additional 350-400 gbytes of monthly traffic for each > > mirror. > > My calculations were way off somehow; this figure should be about > *5 to 6* gbytes/month per mirror. > > john
I'm sorry but, isn't it better to have every mirror calc its MD5 sums every day and the main mirror keepd the TRUE signatures up to date and secure? I'm not a mirror maintainer, but to me, it seams useless to download and verify every mirror remotely. I belive that every mirror maintainer will agree to put some very basic cron job which will download the current signatures and verify all packages from those signature. And it will quite faster. Best regards, Marian Marinov
signature.asc
Description: This is a digitally signed message part.
------------------------------------------------------------------------------ Learn how Oracle Real Application Clusters (RAC) One Node allows customers to consolidate database storage, standardize their database environment, and, should the need arise, upgrade to a full multi-node Oracle RAC database without downtime or disruption http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________ ProFTPD Mirror Sites List <proftpd-mirr...@proftpd.org> https://lists.sourceforge.net/lists/listinfo/proftp-mirrors
