Comment 1 for bug 433970
Revision history for this message
| Martin Pool (mbp) wrote Re: Add an option to connect to S3 with regular HTTP (and not HTTPS) | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
This would be very nice. It is indeed much faster, and will probably have a stronger effect the further you are from the Amazon datacentre. For me (in Australia) it cut the time to restore a particular backup from 40m to 6m.
I believe this would be a safe change: the s3 headers are digitally signed; the user data is either encrypted (or not) at the gpg level. The information exposure if there's a hostile connection somewhere between you and s3 is that they can see you're doing a duplicity backup and what the backup increments are. It seems to me this means the network is trusted as much as Amazon is trusted, which is a reasonable position.