Received: from localhost (maia-1.hub.org [200.46.204.191]) by postgresql.org (Postfix) with ESMTP id 9B82C9FB249 for ; Mon, 5 Feb 2007 17:13:04 -0400 (AST) Received: from postgresql.org ([200.46.204.71]) by localhost (mx1.hub.org [200.46.204.191]) (amavisd-new, port 10024) with ESMTP id 10549-06 for ; Mon, 5 Feb 2007 17:13:00 -0400 (AST) X-Greylist: from auto-whitelisted by SQLgrey-1.7.4 Received: from developer.pgadmin.org (developer.pgadmin.org [63.246.23.140]) by postgresql.org (Postfix) with ESMTP id 933639FA4CA for ; Mon, 5 Feb 2007 17:13:00 -0400 (AST) Received: from [172.16.0.68] ([84.13.224.116]) (authenticated bits=0) by developer.pgadmin.org (8.13.8/8.13.8) with ESMTP id l15Knmck016272 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 5 Feb 2007 20:49:49 GMT Message-ID: <45C79DDA.5010203@postgresql.org> Date: Mon, 05 Feb 2007 21:12:58 +0000 From: Dave Page User-Agent: Thunderbird 1.5.0.9 (Macintosh/20061207) MIME-Version: 1.0 To: Greg Sabino Mullane CC: pgsql-www@postgresql.org Subject: Re: How to coordinate web team for security releases? References: <68f661154ca35b7a0afed9b83cd3ff3c@biglumber.com> In-Reply-To: <68f661154ca35b7a0afed9b83cd3ff3c@biglumber.com> X-Enigmail-Version: 0.94.1.2 OpenPGP: url=http://www.pgadmin.org/pgp/davepage.pgp Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: Maia Mailguard 1.0.1 X-Archive-Number: 200702/46 X-Sequence-Number: 11451 Greg Sabino Mullane wrote: > > Dave Page wrote: >>> What we also need is a better way to update the mirrors in a timely manner. > >> I don't see how we can do that unless we persuade all the mirrors to >> update more than once per day, which I doubt the larger ones will do. > > Well, I was thinking more in terms of something in addition to the daily update, > such as an hourly (or less) check that would pull in any high-priority changes[1]. > Seems that most of the time-sensitive changes we've needed affect a very small > subset of the pages and should not be a traffic concern. The good thing about > such a system is that we would not even need 100% buy-in right away - the ones > not implementing it would still get the daily update. Eventually we'd want to > strongly encourage everyone to use it, of course. A nice idea, but a good number of our mirrors are big mirrors sites who likely won't want to muck around with special configs for each site they mirror. Perhaps we could group the mirrors into 'preferred' and 'normal' sections, where the preferred ones are all on a 2 or 4 hour update. Regards, Dave.