On Mon, Mar 02, 2009 at 03:29:39PM +0100, Sebastien WILLEMIJNS wrote: > ok it is true but use a compressed metalink including a lot of files > permit to compress (redudant) mirrors informations and let only (hash) > file informations uncompressed ;)
It's not *only* about size: Avoiding the need to generate a metalink and to compress it lessens load on the server side. It is no work at all to send out a tiny static file, compared to that. > by using a metalink you will be sure to have your tiny file (with hash > code) ;) Good thought :) but, nope, the metalink could be forged just as well as the tiny file itself (everybody can make the hash). Only HTTPS helps against that, or an embedded PGP signature (which requires the client to have the key and verify the content, obviously). Peter -- Contact: [email protected] (a.k.a. [email protected]) #opensuse-mirrors on freenode.net Info: http://en.opensuse.org/Mirror_Infrastructure SUSE LINUX Products GmbH Research & Development
pgpMiEMiUnMwf.pgp
Description: PGP signature
