On Fri, Mar 25, 2016, at 12:39 PM, Fabian Arrotin wrote:
Hi,
Just to let you know in advance that we'll add some modifications to the buildlogs.centos.org nodes. We got a proposal from a CDN infrastructure company (CDN77.com) willing to be a sponsor for the CentOS Project, and so we'd like to use that service for the testing/dev artifacts (so rpm packages, iso images, qcow2 images, etc) so that users can get it faster than when served from our actual buildlogs.centos.org nodes.
This sounds great!
- for rpm packages, you'll still get the repodata files from our nodes,
Yes, but these aren't accessible over TLS, nor GPG signed =( Given Let's Encrypt is now a thing, is there any blocker for using TLS?
One thing that would be also nice (and partly orthogonal) is to offer "tls-pinned" access, where a custom root CA cert is used, and client systems can be configured to pin to this CA. Something like https://buildlogs-pin.centos.org
Still though, the CDN sounds nice.