1 |
On Friday 11 April 2003 00:54, Mark Farver wrote: |
2 |
> This is more an idea on how to help mirroring.. but I'll throw it into this |
3 |
discussion since it could |
4 |
> also be used for sharing binary tarballs. |
5 |
> |
6 |
> How about someone creating an module that automatically shares the contents |
7 |
of /usr/portage/distfiles |
8 |
> (or packages) over a peer to peer network like gnutella. |
9 |
> Everytime someone trys to emerge a package, portage checks the peer network |
10 |
to see if someone |
11 |
> has a binary package already built (with the same USE flags set) and if not |
12 |
it looks for a nearby |
13 |
> copy of the tarball. This could be used to spread the ibiblio/oregonstate |
14 |
load out a bit... |
15 |
|
16 |
Wrt. distfiles: |
17 |
For an intranet, is that much better than having one box serve them centrally? |
18 |
For the internet, sharing distfiles/ on a p2p network requires a _good_ |
19 |
uplink. Again, not the 56k dialup people. And those who have such an uplink |
20 |
probably don't worry too much about fetch times anyway. (Remember to use |
21 |
alternative mirrors, not ibiblio) |
22 |
|
23 |
> The big drawback for the binaries is there is no guarentee they are what |
24 |
they say they are, unlike |
25 |
> the tarballs that at least have the MD5 from the ebuild. |
26 |
|
27 |
On an intranet you might take such a risk. On the internet I'd never agree for |
28 |
my machine to use an untrusted, anonymous source for binaries. |
29 |
|
30 |
BUT: once we have pgp digest signing in place, you'll be able to specify |
31 |
trusted pgp keys and accept packages signed by them (or rather whose digests |
32 |
have been signed by them) and that is the perfect situation for building a |
33 |
pgp web of trust among gentoo users - assuming people really do follow the |
34 |
strict pgp rules of verifying identity before trusting a key. |
35 |
|
36 |
But still, not for 56k people, not if you expect them to upload anything in |
37 |
return anyway. |
38 |
|
39 |
-- |
40 |
Dan Armak |
41 |
Gentoo Linux developer (KDE) |
42 |
Matan, Israel |
43 |
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key |