[Haskell-cafe] Offer to mirror Hackage

wren ng thornton wren at freegeek.org
Sat Dec 11 11:59:15 CET 2010


On 12/9/10 4:04 PM, Richard O'Keefe wrote:
>
> On 10/12/2010, at 12:18 AM, Markus Läll wrote:
>
>> My take on the issue is that we should make it possible to easily mirror hackage (what the OP asked for), so that people could use it when they wanted to, and have a list of the mirrors on the wiki. This way those who are interested can use them. Like when the mirror is faster/closer to them or to help out when hackage is temporarily down. Those who need the security can choose not to use mirrors, or make their own (private), or develop a secure scheme, when it doesn't exist yet.
>
> Have I misunderstood something?
> I thought "X is a mirror of Y" meant X would be a read-only replica of Y,
> with some sort of protocol between X and Y to keep X up to date.
> As long as the material from Y replicated at X is *supposed* to be
> publicly available, I don't see a security problem here.  Only Y accepts
> updates from outside, and it continues to do whatever authentication it
> would do without a mirror.  The mirror X would *not* accept updates.

The security issue is how does a client, C, know to trust X (maybe X is 
evil) or know to trust the transmission of data from Y to X (maybe a man 
in the middle corrupted things and X has become a confused deputy), etc.

The concern isn't for the consistency of Y's data, it's for the 
consistency of X's data as a replica of Y's.

-- 
Live well,
~wren
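
An added example, not part of the original message or of any Hackage tooling: one way a client C can use an untrusted mirror X is to get a single digest of the package index from Y directly and check everything X serves against it. All function names, the index format and the sample packages are hypothetical, and how C obtains the pin authentically from Y is assumed, not shown.

```python
import hashlib
import json

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def publish(packages: dict) -> tuple:
    """Origin Y: build an index of tarball digests, plus the pin for that index."""
    index = json.dumps({n: sha256(t) for n, t in packages.items()},
                       sort_keys=True).encode()
    return index, sha256(index)

def fetch_verified(mirror: dict, pinned_index_digest: str, name: str) -> bytes:
    """Client C: accept a tarball from mirror X only if it matches Y's index.

    `mirror` stands in for X: {"index": bytes, "packages": {name: bytes}}.
    `pinned_index_digest` is the one value C obtained from Y directly.
    """
    index = mirror["index"]
    if sha256(index) != pinned_index_digest:
        raise ValueError("index served by mirror does not match origin's pin")
    expected = json.loads(index).get(name)
    tarball = mirror["packages"].get(name)
    if expected is None or tarball is None:
        raise ValueError(f"{name}: not in origin's index or missing on mirror")
    if sha256(tarball) != expected:
        raise ValueError(f"{name}: tarball differs from origin's copy")
    return tarball

# Constructed sample data: package names and contents are made up.
ORIGIN = {"foo-1.0.tar.gz": b"foo sources", "bar-0.2.tar.gz": b"bar sources"}
INDEX, PIN = publish(ORIGIN)

honest_x = {"index": INDEX, "packages": dict(ORIGIN)}
# X whose copy of one tarball was altered (in transit from Y, or by X itself).
corrupt_x = {"index": INDEX,
             "packages": {**ORIGIN, "foo-1.0.tar.gz": b"foo sources + extra"}}
# X that serves a self-consistent index of its own for altered contents.
evil_packages = {**ORIGIN, "foo-1.0.tar.gz": b"replaced"}
evil_x = {"index": publish(evil_packages)[0], "packages": evil_packages}

def rejected(mirror: dict, name: str) -> bool:
    """True if C refuses what this mirror serves for `name`."""
    try:
        fetch_verified(mirror, PIN, name)
        return False
    except ValueError:
        return True
```

The bulk transfer comes from X, but the only thing C has to trust is the short pin from Y, so both cases named above (a dishonest X and a corrupted Y-to-X transfer) end in a rejected download.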


