1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Klaus Wagner wrote: |
5 |
> I think if the rsync mirrors are too stressed for signation, they would be |
6 |
> too stressed for rsync too, allthough rsync could be tunneled too. |
7 |
|
8 |
One of the suggestions we were kicking around was to use Stunnel to |
9 |
encrypt rsync over SSL. This, of course, fails to be as encompassing as |
10 |
the Final Solution involving GPG, but is suitable as a stopgap. We |
11 |
rejected it because of concern about server load on the mirrors, |
12 |
actually, since SSL does introduce some significant CPU overhead. |
13 |
|
14 |
Not running the mirrors myself, I can't really give you any figures. But |
15 |
GPG signing introduces no CPU load and minimal extra amounts of data, so |
16 |
is, from the infrastructure standpoint, the least likely to cause things |
17 |
to fall over. |
18 |
- -- |
19 |
Dan "KrispyKringle" Margolis |
20 |
Security Coordinator/Audit Project, Gentoo Linux |
21 |
-----BEGIN PGP SIGNATURE----- |
22 |
Version: GnuPG v1.2.4 (Darwin) |
23 |
|
24 |
iQEVAwUBQZTQgbDO2aFJ9pv2AQIrcQf/cLcB1Eu/HgsxLnXNTPsc1NyWJ2cQVT+w |
25 |
uCXw3xMwmaKhZFxG/W3ow6r8h+DPV3Cs69s+UjUiwA4TAGQejo/UaQuq1a8i3ZJp |
26 |
WLFyg+M4wkrIO0Op26EIOPF5bofVbdL3LoK2PaGqWHTIoy6KGawBda3PBt0LpCKm |
27 |
SFi9Y+hwPiiQkzfDrLlMcMem7vBOvIw4MrqZvqA12GLu9kQ9bu4it94RnlbsHWc1 |
28 |
1R7Yicc42L15GBKwenngKTlsHfTpUGcUBTaRVKL2OhoywTlq2Wwg6GYXkqbgvI5h |
29 |
z9DVTdM05BhK1GJ60j7fDLv47l/H/NCmupp3k/GXcjfyFOVpUu5Weg== |
30 |
=c+h1 |
31 |
-----END PGP SIGNATURE----- |
32 |
|
33 |
-- |
34 |
gentoo-security@g.o mailing list |