If php is mainly static it could be almost fully cached in a CDN. For the downloads I don't think the latency would be a problem but that can also be in the CDN If php owned two servers in US and two in Europe and possibly 2 in Asia we would be goon in terms of latency for the search IMO.
On 20 July 2017 at 19:38, Rasmus Lerdorf <ras...@lerdorf.com> wrote: > On Thu, Jul 20, 2017 at 1:42 AM, Niklas Keller <m...@kelunik.com> wrote: >> >> They can also just request them themselves, but only for their mirror >> domain. If you allow them to issue for www.php.net, you can as well just >> put the current private key there. >> > > I think there is a big difference between putting the private key there > and proxying validation for just a www.php.net CN alias. We already have > a list of known mirrors, so we would make sure to only validate > www.php.net for those. By validating www.php.net we allow any mirror to > pretend they are www.php.net and no other *.php.net domain, which is > exactly what we want. > > -Rasmus >
