On Fri, Mar 25, 2016, at 12:39 PM, Fabian Arrotin wrote: > Hi, > > Just to let you know in advance that we'll add some modifications to the > buildlogs.centos.org nodes. > We got a proposal from a CDN infrastructure company (CDN77.com) willing > to be a sponsor for the CentOS Project, and so we'd like to use that > service for the testing/dev artifacts (so rpm packages, iso images, > qcow2 images, etc) so that users can get it faster than when served from > our actual buildlogs.centos.org nodes. This sounds great! > - for rpm packages, you'll still get the repodata files from our nodes, Yes, but these aren't accessible over TLS, nor GPG signed =( Given Let's Encrypt is now a thing, is there any blocker for using TLS? One thing that would be also nice (and partly orthogonal) is to offer "tls-pinned" access, where a custom root CA cert is used, and client systems can be configured to pin to this CA. Something like https://buildlogs-pin.centos.org Still though, the CDN sounds nice.