> In your opinion, would you rather go with password based acls or with > ip based acls? > > Opinions? As a mirror that pulls from a different IP than content is served from, I would prefer password based ACLs. I believe this would allow more flexibility, and less ongoing management for the CentOS team. While abuse is possible, I would hope we are all professional enough not to leak our authentication information. Initial abuse could result in a warning and password change, with continued abuse removing the offending mirror sites privileges. -Jonathan Jonathan Thurman Senior Communications Engineer Northwest Regional ESD