On 26/03/16 15:23, Colin Walters wrote:
Yes, but these aren't accessible over TLS, nor GPG signed =( Given Let's Encrypt is now a thing, is there any blocker for using TLS?
Fabian is going to investigate this, since buildlogs is just a few machines we control it might be possible to roll out some sort of TLS support here.
One thing that would be also nice (and partly orthogonal) is to offer "tls-pinned" access, where a custom root CA cert is used, and client systems can be configured to pin to this CA. Something like https://buildlogs-pin.centos.org
Still though, the CDN sounds nice.
yeah, we are looking forward to testing this - it would give us a lot more PoP's for the buildlogs content, ie. definitely improve the developer experience around the CentOS Project resources.
regards