[Haskell-cafe] Offer to mirror Hackage

[Ketil Malde]

Vincent Hanquez <tab at snarc.org> writes:

> You have to start somewhere with security.

Yes.  And you should start with assessing how much cost and
inconvenience you are willing to suffer for the improvement in
security you gain.  In this case, my assertion is that the marginal
worsening of security by having a mirror of hackage even without signing
of packages etc., is less than the marginal improvement in usability. 

I'm a bit surprised to find that there seems to be a lot of opposition
to this view, but perhaps the existing structure is more secure than I
thought?  Or the benefit of a mirror is exaggerated - I can see how
it would be annoying to have hackage down, but it hasn't happened to my,
so perhaps those complaining about it just were very unlucky.

> Whereas on a mirror, it would be completely transparent to the users.

Well - you could easily compare packages from the main repo and its
mirror to verify the integrity.  This isn't a lot harder than checking
the details of the stuff cabal-install pulls in (which I admittedly
never do either).

> As a first step, having the hackage server and its users trusted, is
> hopefully reasonable. 

Hard to evaluate before there is a concrete proposal - security is
always a trade off, and you need to know what you get and what you pay.
If you can outline the structure of how this could work, I'm happy to
bikeshed it.

-k
-- 
If I haven't seen further, it is by standing in the footprints of giants