[bug#33600] CDN performance

[Giovanni Biscuolo]

Hi Chris,

nice to see this discussion, IMHO how GuixSD subsitutes are distributed
is a key issue in our ecosystem and is _all_ about privacy and metadata
*mass* collection

most "normal users" are not concerned about this so they are fine with
super-centralization since it's a convenience... not us :-)

personally I've come to GuixSD because I see this project as a key part
in liberating me from this class of problems

Chris Marusich <address@hidden> writes:

[...]

> A summary, in the middle of the long thread, is here:
>
> https://lists.debian.org/debian-project/2013/10/msg00074.html

thank you for the reference, I've only read this summary

the key part of it IMHO is
  "Q: Do CDNs raise more security/privacy concerns than our mirrors?"

and the related subthread
 https://lists.debian.org/debian-project/2013/10/msg00033.html

the quick reply to the above question is: yes, CDNs raise more
secutiry/privacy concerns than "distributed mirrors"

obviuosly "distributed mirrors" _does_ rise some security/privacy
concerns but *centralization*... much more

[...]

> Judging by that email thread, one of the reasons why Debian considered
> using a CDN was because they felt that the cost, in terms of people
> power, of maintaining their own "proto-CDN" infrastructure had grown too
> great.

I'm still new to guixsd but understood enough to se we are much more
well equipped to maintain our distributed network of substitutes caching
servers... **transparently** configured :-)

[...]

> I also understand Hartmut's concerns.  The risks he points out are
> valid.  Because of those risks, even if we make a third-party CDN option
> available, some people will choose not to use it.

probably I'll be one of those, I'm considering to maintain a caching
substitute server in a "semi-trusted" colocated space and I'd be very
happy to share that server with the community

[...]

> However, not everyone shares the same threat model.  For example,
> although some people choose not to trust substitutes from our build
> farm, still others do.

for this very reason IMHO we should work towards a network of **very
trusted** build farms directly managed and controlled by the GuixSD
project sysadmins; if build farms will be able to quickly provide
substitutes, caching mirrors will be _much more_ effective than today

... and a network of "automated guix challenge" servers to spot
not-reproducible software in GuixSD

with a solid infrastructure of "scientifically" trustable build farms,
there are no reasons not to trust substitutes servers (this implies
working towards 100% reproducibility of GuixSD)

> The choice is based on one's own individual
> situation.  Similarly, if we make a third-party CDN option available and
> explain the risks of using it, Guix users will be able to make an
> educated decision for themselves about whether or not to use it.

that's an option... like a "last resort" in order to be able to use
guixSD :-)

we could also teach people how to setup their own caching servers and
possibly share them with the rest of the local community (possibly with
some coordination effort from the project sysadmins)

for Milan I've plans to setup such caching mirror in Jan 2019

[...]

happy hacking!
Gio

-- 
Giovanni Biscuolo

Xelera IT Infrastructures

signature.asc
Description: PGP signature