From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: Re: [PATCH] gnu: font-un: Add mirror.
Date: Wed, 31 Aug 2016 15:25:32 -0400
Message-ID: <20160831192532.GA22495@jasmine>
References: <87wpjbdy3u.fsf@we.make.ritual.n0.is>
	<20160822202649.GA29889@jasmine>
	<87mvk4l8tx.fsf@we.make.ritual.n0.is>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:32967)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bfB8s-0008Fe-LG
	for guix-devel@gnu.org; Wed, 31 Aug 2016 15:25:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bfB8o-0002vl-Dw
	for guix-devel@gnu.org; Wed, 31 Aug 2016 15:25:45 -0400
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:48363)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1bfB8n-0002v7-79
	for guix-devel@gnu.org; Wed, 31 Aug 2016 15:25:42 -0400
Content-Disposition: inline
In-Reply-To: <87mvk4l8tx.fsf@we.make.ritual.n0.is>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: ng0 <ng0@we.make.ritual.n0.is>
Cc: guix-devel@gnu.org

On Mon, Aug 22, 2016 at 10:47:38PM +0000, ng0 wrote:
> > On Sat, Aug 20, 2016 at 07:44:21PM +0000, ng0 wrote:
> >> This adds another mirror for font-un, this time with tls
> >> enabled. Leaving the sdf.org mirror in the list in case dl.n0.is goes
> >> down.
> >
> > Hi, can you remind us why this is necessary?
> 
> It is possible that it is unnecessary. My motivation was that tls
> enabled source urls provide minimal more security. But we have the
> hash of the file which is expected, so there should be no significant
> difference between those two protocols, correct?

Since we check the hash of the downloaded source file, there _shouldn't_
be any difference between using HTTP and HTTPS.

However, users of HTTP don't have the privacy that HTTPS can provide.

Also, HTTP is unauthenticated, so a man-in-the-middle could provide a
malformed source file that exploited bugs in our HTTP client or
hash checker.

Those are the drawbacks of HTTP that I can think of with respect to
Guix's source file downloading. I'm no expert, so I could be wrong, and
there could be other drawbacks.

> If this is true, this patch was unnecessary.

But, I don't think we should start re-hosting the source tarballs
ourself unless there is no other source. Also, Hydra itself serves as a
content-addressed mirror now.