Gordon Messmer wrote: <snip> > That sounds entirely reasonable for the public releases. For the early > releases, to paying users, I think you proposed too many changes. I > think it would be entirely sufficient for Red Hat to use the standard BT > clients. The server is the only thing that should require > modifications. I'll agree that's a valid point; the fewer changes required, the more likely this is to actually happen. But, I think most of the modifications wouldn't be too terribly difficult to make, and some amount of work would have to go into packaging (and hopefully auditing) the standard BT code anyway. From the end-users' perspective, most probably don't have BitTorrent installed, so they'll still need to download a client; why not go all the way and have a redhat-download-isos tool, or integrate it as new functionality in an existing tool like up2date? > When a user logs in to RHN, his IP could be recorded (popB4smtp > anyone?). The tracker should only accept connections from users who've > logged in recently. I don't think that clients necessarily have to > authenticate each other, unless you think that there will be enough > people predicting the address of RHN BT users and leeching their data to > justify a branded RHN BT client. Hey, nice, I like that. It cuts out some unnecessary complexity. > In any case, Red Hat running a BT system won't make a lick of difference > to the people who want to distribute it through their own channels. > This time, they got a hold of the ISOs and set up a tracker. If RH ran > their own tracker, they'd still be able to do the same. Very true. But the proposed system *would* bring RedHat Network up to the same speed as the unofficial BitTorrent links, so we'd no longer be at a disadvantage for using the service we're paying for. And then, fewer subscribers would use the unofficial .torrent's, causing the unofficial BitTorrent network to go just a little slower. Heck, the official channel might even wind up being faster. How cool would that be? > > * My one reservation has to do with verifying the integrity of > software > > downloaded with BitTorrent. md5sums should either come straight from > the > > distributor (RedHat) over an SSL channel with server authentication > > Like, display them on the web page that presents the link to the > .torrent file? Yup. -charles
