On Tue, 2023-08-29 at 20:05 +0100, Richard Hughes wrote: > On Tue, 29 Aug 2023 at 17:06, Vít Ondruch <vondr...@redhat.com> wrote: > > The point was that `fwupdmgr get-devices` lists ~32 devices for my LP. I > > can't imagine that the metadata for these 32 devices would take 2 MBs. > > That is more likely data for all devices ever supported. > > It is the metadata for every device -- every fwupd client deliberately > gets the entire catalog rather than making a bespoke request like > Windows update. This ensures that the LVFS doesn't know what hardware > you have on your computer, and couldn't provide that kind of data even > if compelled to by law enforcement. The entire architecture is privacy > centric, and also allows it to scale to millions of devices without > having thousands of servers.
You could have deltas, so that clients will not get the whole thing every day, but deltas compared to what they have already (which would be 0 bytes if thy are up to date). You reveal nothing of consequence by disclosing what version you already previously downloaded, and that you need just a delta. If a client has a too old version, you return an error, and they download the whole thing. This means it is up to you to decide how many delta files to keep for how long. Simo. -- Simo Sorce RHEL Crypto Team Red Hat, Inc _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
