On Wed, Oct 19, 2022 at 4:01 AM Vitaly Zaitsev via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On 19/10/2022 09:48, Peter Robinson wrote: > > Sure but as mentioned it's public data, and the modification, and I > > covered that in my reply, would be picked up by the other mechanisms. > > They can collect a lot of sensitive information: your IP, Fedora > version, packages version, etc. This can help with recon for attackers. > HTTPS does not help with that. It's just a transport protocol. > > There isn't actually that many mirrors left do we > > really want to reduce the number more for end users for no actual > > improvement in security? > > It will improve privacy at least. > Not in any meaningful way, and in most cases HTTPS makes mirrors slower too. > > Ultimately bandwidth is expensive in a lot of > > parts of the world for commercial entities to provide, that's why > > there's mirrors. > > Fedora COPR has moved to Amazon CDN. Maybe Fedora's main mirror can > switch to a CDN too? > We don't have a "main mirror" for that to work. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
