[arch-mirrors] ftp.acc.umu.se now HTTPS enabled
Our mirror is now HTTPS enabled, same path as HTTP ie. https://ftp.acc.umu.se/mirror/archlinux/ We do however recommend using HTTP and signatures rather than relying on HTTPS for file integrity. While the CPU load of HTTPS on clients is negligable, the server CPU load becomes quite a task for organizations like ACC that are running on 5+ years old donated hardware. Especially when combined with the goal of being able to push multiple tens of gigabits... /Nikke -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | nikke@acc.umu.se --------------------------------------------------------------------------- BorgDos 1.0 : Irrelevant Command Or Filename. (A)ssimilate (D)estroy? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
On 11.12.2016 11:07, Niklas Edmundsson wrote:
We do however recommend using HTTP and signatures rather than relying on HTTPS for file integrity.
We always use signatures if available. HTTPS is just a bonus for privacy.
While the CPU load of HTTPS on clients is negligable, the server CPU load becomes quite a task for organizations like ACC that are running on 5+ years old donated hardware. Especially when combined with the goal of being able to push multiple tens of gigabits...
I'm not sure how to understand that. I can't control how our users connect to your server if I list both URLs. I'd expect them to switch to HTTPS, but if you feel like you can't handle the load, it's probably better if I don't list it. What do you want me to do? Florian
On Sun, 11 Dec 2016, Florian Pritz via arch-mirrors wrote:
On 11.12.2016 11:07, Niklas Edmundsson wrote:
We do however recommend using HTTP and signatures rather than relying on HTTPS for file integrity.
We always use signatures if available. HTTPS is just a bonus for privacy.
Ah, OK.
While the CPU load of HTTPS on clients is negligable, the server CPU load becomes quite a task for organizations like ACC that are running on 5+ years old donated hardware. Especially when combined with the goal of being able to push multiple tens of gigabits...
I'm not sure how to understand that. I can't control how our users connect to your server if I list both URLs. I'd expect them to switch to HTTPS, but if you feel like you can't handle the load, it's probably better if I don't list it.
What do you want me to do?
List it. We'll need some real load anyway to see how it pans out beyond the theoretical sphere. We don't expect any real issues before we get the network upgrade early next year anyway, so... /Nikke -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Niklas Edmundsson, Admin @ {acc,hpc2n}.umu.se | nikke@acc.umu.se --------------------------------------------------------------------------- I can't believe it. I've heard of this disease. Beverly =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
On 12.12.2016 09:31, Niklas Edmundsson wrote:
What do you want me to do?
List it. We'll need some real load anyway to see how it pans out beyond the theoretical sphere. We don't expect any real issues before we get the network upgrade early next year anyway, so...
Alright, I've added the HTTPS URL. Thanks! Florian
participants (2)
-
Florian Pritz
-
Niklas Edmundsson