From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 7282F138334 for ; Mon, 30 Sep 2019 20:30:51 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3C3B9E0951; Mon, 30 Sep 2019 20:30:47 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E7F05E0924 for ; Mon, 30 Sep 2019 20:30:46 +0000 (UTC) Received: from [192.168.2.122] (dslb-088-077-003-173.088.077.pools.vodafone-ip.de [88.77.3.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: chithanh) by smtp.gentoo.org (Postfix) with ESMTPSA id 3D1DB34B69E; Mon, 30 Sep 2019 20:30:45 +0000 (UTC) Subject: Re: [gentoo-dev] [RFC] Using HTTPS mirrors only in thirdpartymirrors (when possible) To: =?UTF-8?B?TWljaGHFgiBHw7Nybnk=?= , gentoo-dev@lists.gentoo.org References: <36f599c2d7ada8d9ff20ea506e459a17a009d13a.camel@gentoo.org> From: =?UTF-8?Q?Ch=c3=ad-Thanh_Christopher_Nguy=e1=bb=85n?= Openpgp: preference=signencrypt Message-ID: <33ed4b48-1791-10bd-a7da-4559f9713d87@gentoo.org> Date: Mon, 30 Sep 2019 22:30:16 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <36f599c2d7ada8d9ff20ea506e459a17a009d13a.camel@gentoo.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: 7ae0554e-f36b-4372-925d-06d7776252f4 X-Archives-Hash: 3b5917e1dbb1808e73ca9998e7993439 Michał Górny schrieb: > Many 'FTP' hosts belong to different tiers. There's a major difference > between knowing that a user is fetching *something* from big mirror of > everything, and knowing the exact precise thing being fetched. It may > mean knowing that the user is fetching vulnerable package (for whatever > reason). As Portage uses one connection per file, which exact file was downloaded can still be inferred from the amount of transferred data (to a degree). I agree that it is a step forward though, however small it is. Best regards, Chí-Thanh Christopher Nguyễn