On Wed, Feb 25, 2009 at 07:44:38PM +0100, Sebastien WILLEMIJNS wrote: > On Wed, 25 Feb 2009 18:46:56 +0100, "Peter Poeml" <[email protected]> said: > > Thus, metalinks are used for everything, except some > > security-critical files (which are delivered directly and shall not be > > sent to mirrors, transparently negotiated). > > I hope they are mirrors in all case for this kind of critical stuf ;)
Even if all files are mirrored, so they are widely available, still there are situations where you don't want to download them from a mirror, but rather from a trusted source. As metalinks can include the hashes that allow verification of the content downloaded from mirror, that solves it, but on the other hand those files (e.g. signature files) are often so small that it is simply efficient to deliver them directly than to create a metalink for them and send the client to further round-trips to get the tiny file from a mirror. Sometimes the metalink is even larger than the content in question, so it doesn't save anything. Peter -- Contact: [email protected] (a.k.a. [email protected]) #opensuse-mirrors on freenode.net Info: http://en.opensuse.org/Mirror_Infrastructure SUSE LINUX Products GmbH Research & Development
pgpsbZ3oYF4gB.pgp
Description: PGP signature
