> So, please either try the new version and see how you get on, or provide
> more detail.

security.debian.org currently consists of 3 IPs
128.31.0.36
212.211.132.32
212.211.132.250

If you telnet to every IP on port 80 and try
GET /debian-security/dists/etch/updates/
you'll see from time to time (now?) that

128.31.0.36

is out of sync on Release.gpg, Release and others (maybe)

If you request several files of security.debian.org through
apt-cacher, it downloads them by downloading a file, rotating
the IP and downloading the next.

This is considered bad behaviour(TM).
At least on browsers (see binding attacks).
Names/IPs should be looked up once and bound to one result
for a specified time (timeout on inactivity?) or only be rotated on
real problems (404, connection problems),
thus also unsynced servers do no harm on complex
data-storages (like Debian archives).

What happens:
128.31.0.36 GET /debian-security/dists/etch/updates/Release
128.31.0.36 GET /debian-security/dists/etch/updates/Release.gpg
212.211.132.32 GET /debian-security/dists/etch/updates/main/binary-alpha/Packages
=> BAD archive

128.31.0.36 GET /debian-security/dists/etch/updates/Release
212.211.132.32 GET /debian-security/dists/etch/updates/Release.gpg
=> BAD signature
....

Am I wrong?

The fix in /etc/hosts binds the name to a single IP so the
rotating doesn't happen. => No BAD archive, No BAD signature




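Added example, not part of the original message and not apt-cacher's code: a small offline model of the two fetch strategies the message contrasts, per-file address rotation versus binding to one address and moving on only after a connection failure or 404. The three addresses are the ones listed in the message; the file contents, the `sig(...)`/`pkgs(...)` consistency check and all function names are constructed for illustration.

```python
# Constructed mirror contents: 128.31.0.36 still serves the older set "v1".
OLD = {"Release": "v1", "Release.gpg": "sig(v1)", "Packages": "pkgs(v1)"}
NEW = {"Release": "v2", "Release.gpg": "sig(v2)", "Packages": "pkgs(v2)"}
ADDRS = ["128.31.0.36", "212.211.132.32", "212.211.132.250"]
MIRRORS = {ADDRS[0]: OLD, ADDRS[1]: NEW, ADDRS[2]: NEW}
NAMES = ["Release", "Release.gpg", "Packages"]


class FetchError(Exception):
    """Connection failure or 404 from one address."""


def fetch(ip, name, mirrors):
    """Stand-in for one HTTP GET sent to a specific address."""
    if ip not in mirrors:
        raise FetchError(f"{ip}: connection failed")
    if name not in mirrors[ip]:
        raise FetchError(f"{ip}: 404 for {name}")
    return mirrors[ip][name]


def consistent(files):
    """Stand-in for the client's checks: signature and index match Release."""
    rel = files["Release"]
    return files["Release.gpg"] == f"sig({rel})" and files["Packages"] == f"pkgs({rel})"


def fetch_rotating(addrs, names, mirrors):
    """Behaviour reported in the message: a different address for each file."""
    return {n: fetch(addrs[i % len(addrs)], n, mirrors) for i, n in enumerate(names)}


def fetch_pinned(addrs, names, mirrors):
    """Stay on one address; on a real failure restart the whole set on the next."""
    for ip in addrs:
        try:
            return ip, {n: fetch(ip, n, mirrors) for n in names}
        except FetchError:
            continue  # discard partial results so sets are never mixed
    raise FetchError("every address failed")


if __name__ == "__main__":
    print("rotating consistent:", consistent(fetch_rotating(ADDRS, NAMES, MIRRORS)))
    ip, files = fetch_pinned(ADDRS, NAMES, MIRRORS)
    print("pinned to", ip, "consistent:", consistent(files))
```

With pinning, the out-of-sync address yields an older but internally consistent set, so the signature and index checks pass instead of failing on a mix of two mirror states.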