[Haskell-cafe] Offer to mirror Hackage

Richard O'Keefe ok at cs.otago.ac.nz
Fri Dec 10 03:13:19 CET 2010


On 10/12/2010, at 10:50 AM, Riad S. Wahby wrote:

> Richard O'Keefe <ok at cs.otago.ac.nz> wrote:
>> I thought "X is a mirror of Y" meant X would be a read-only replica of Y,
>> with some sort of protocol between X and Y to keep X up to date.
>> As long as the material from Y replicated at X is *supposed* to be
>> publicly available, I don't see a security problem here.  Only Y accepts
>> updates from outside, and it continues to do whatever authentication it
>> would do without a mirror.  The mirror X would *not* accept updates.
> 
> At the very least, this assumes that you trust all the mirror operators.
> 
> Sure, I'm trustworthy, but how about those other guys? >:)

See the words "some sort of protocol between X and Y"?

This means that Y has to be authenticated to X and X to Y and they
use some sort of encryption scheme that prevents man-in-the-middle
attacks.

Right now, of course, nothing whatever stops someone building a 'robot'
at X to visit Y periodically and update X; the missing piece is any
kind of accreditation at Y.




