-----Message d'origine----- De : ceph-users [mailto:ceph-users-bounces@xxxxxxxxxxxxxx] De la part de Wido den Hollander Envoyé : lundi 21 septembre 2015 15:50 À : ceph-users@xxxxxxxxxxxxxx Objet : Re: Important security noticed regarding release signing key On 21-09-15 15:05, SCHAER Frederic wrote: > Hi, > > Forgive the question if the answer is obvious... It's been more than "an hour or so" and eu.ceph.com apparently still hasn't been re-signed or at least what I checked wasn't : > > # rpm -qp --qf '%{RSAHEADER:pgpsig}' http://eu.ceph.com/rpm-hammer/el7/x86_64/ceph-0.94.3-0.el7.centos.x86_64.rpm > RSA/SHA1, Wed 26 Aug 2015 09:57:17 PM CEST, Key ID 7ebfdd5d17ed316d > > Should this repository/mirror be discarded and should we (in EU) switch to download.ceph.com ? I fixed eu.ceph.com by putting a Varnish HTTP cache in between which now links to ceph.com You can still use eu.ceph.com and should be able to do so. eu.ceph.com caches all traffic so that should be much snappier then downloading everything from download.ceph.com directly. Wido [>- FS : -<] Many thanks for your quick reply and quick reaction ! Frederic _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |