On 11/7/21 12:15 AM, Sumit Bhardwaj wrote: > It is not always about speed. There are still plenty of places in the world > where people are on limited data plans and to them using delta rpms makes a > lot of sense. They can work with slow speeds but not with high data > expenses. So i feel turning it on by default and having a setting to turn > it off is still a sane choice. Just my 2 cents. > > > Regards, > Sumit Bhardwaj
I recommend that deltarpms be disabled by default as they increase attack surface. Users who need deltarpms to be enabled can turn them on manually. In the future, deltarpms should be cryptographically signed, which would mitigate these concerns. Sincerely, Demi Marie Obenour
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
