NextGen$ a ?crit :
>Matthew Toseland a ?crit :
>
>
>>On Wed, Nov 09, 2005 at 06:46:29PM +0100, NextGen$ wrote
>>
>>
>>>Bob a ?crit :
>>>
>>>
>>>>[snip.]
>>>>Also the Emu seednodes link should be coral-cached as per Ian's wishes, I
>>>>forgot
>>>>about that.
>>>>
>>>>
>>>Maybe I should do it on the server side ? Using some "permanent
>>>redirect" trick...
>>>
>>>
>>>
>>Probably a good idea. But do we know how to tell whether it is being
>>fetched by a coral-cache server?
>>
>>
>>
>>
>Matching the user-agent ?
>
>Here is the revelant part of Apache's config file :
>
>RewriteEngine on
>RewriteCond %{HTTP_USER_AGENT} !^CoralWebPrx
>RewriteCond %{QUERY_STRING} !^coral-no-serve
>RewriteRule ^/(.*)$ http://downloads.freenetproject.org.nyud.net:8090/$1
>[R,L]
>
><IfModule mod_expires.c>
> <LocationMatch "/seednodes/">
> ExpiresActive on
> ExpiresDefault "access plus 2 hour"
> </LocationMatch>
></IfModule>
>
>It should work ... please report if it doesn't.
>
>
>
>>>Should I let people downloading them without using CoralCache ?
>>>
>>>NextGen$.
>>>
>>>
As all the traffic outgoing from downloads.freenetproject.org goes
through CC, shouldn't we publish hashes of files. Does it worth it or am
I the only one concerned by this potential weakness ?
Publishing hashes might not be enough ... Endeed, what will prevent
an offender from altering them too ? Maybe we should even use GPG...
NextGen$.
(nb. previously we weren't using nor SSL nor hashes ... so the website
might already have been targetted by a MiM attack... Even on SF's
website ;) )
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20051110/9b32874e/attachment.pgp>
