On Mon, Sep 03, 2018 at 08:54:56PM +0100, Ben Hutchings wrote: > On Mon, 2018-09-03 at 20:13 +0200, Karsten Merker wrote: > > On Mon, Sep 03, 2018 at 04:41:10PM +0200, Julien Cristau wrote: > > > Control: tag -1 + patch > > > > > > On 08/31/2018 06:27 PM, Julien Cristau wrote: > > > > Package: choose-mirror > > > > Severity: wishlist > > > > X-Debbugs-Cc: tfheen@debian.org > > > > > > > > I think it's time for choose-mirror to stop asking by default. AFAIK > > > > deb.debian.org works well enough now that we don't need users to > > > > manually select a mirror close to them. [...] > > > > Hello, > > > > I can see the argument for not asking to select a mirror when > > there is a well-working mechanism for automatically choosing a > > "near" (in networking terms) mirror. Does deb.debian.org fulfill > > everybody's needs in this regard? ISTR that there were some > > discussions in the past that deb.debian.org didn't resolve to > > particularly useful mirrors for some parts of the world, but I > > have no idea whether that is still a problem. My personal > > experience with deb.debian.org hasn't been that great - instead > > of redirecting me to the Debian mirror that is run by my local > > ISP (and that is in d-i's mirrorlist), it redirects me to an AWS > > instance hosted rather "far" away in networking terms. > [...] > > The existing mirror network has several longstanding problems: > > 1. Many mirrors don't reliably update > 2. Some mirrors aren't reliably available at all > 3. Many mirrors don't carry all release architectures (even a few > of the "primary" ones don't) > 4. Most mirrors don't support TLS > > httpredir.debian.org attempted to solve the first 3 problems while > still doing what you want: it redirected to local mirrors known to have > up-to-date files. This would have been almost ideal as a default. But > apparently it required a lot of maintenance work, which no-one was > prepared to continue doing. > > That's why deb.debian.org is a plain CDN which doesn't rely on the > existing mirror network. It also supports TLS (which I think should > also be enabled by default in the installer). > > If deb.debian.org still doesn't provide reasonably fast service in some > countries, then maybe we should still ask—but then we should put > deb.debian.org at the top of the mirror list for most countries. /\ +1 /\ Like Karsten, my experience with deb.debian.org has been inconsistent. With a 50 Mb/s ADSL line in Montréal, most of the top candidates mirrors from netselect will consistently deliver ~6200 kB/s, but deb.debian.org often connects to an AWS instance where the download proceeds no more than 350 KB/s... Additionally, I think that it is reasonable that users look at the mirror list for the following reason: Our mirrors are a list of organisations and universities who donate storage and bandwidth. Having users look at this list provides the opportunity for the user to recognise their donation--something like "oh, these are the entities who support FLOSS in my country". Thus, I believe that hiding this from the user reduces the reciprocity with these donors, and reduces the incentive to donate storage/bandwidth. That said, I think there should be some sort of mechanism to reward those mirrors who provide TLS. It's becoming normal for a browser to display "insecure site" for those which don't support SSL... Cheers, Nicholas
Attachment:
signature.asc
Description: PGP signature