Create Magnet links for download
I've been talking with a lot of Free Software projects about how they don't want to serve stuff up over HTTPS - especially bulk data. I've heard a lot of user blaming, balking at even trying to be secure, the point of gpg signatures, etc.
I think that there is a middle ground and it is probably worthwhile to explore. We could also use it as a test - it seems like an easy test too.
Basically, I propose that over HTTPS, we have a page that links to all of our downloads, with GPG signatures and the file they wish to download as BitTorrent Magnet links.
Here's one I created that has no seeders and no need for them, I might add:
The nice thing about that Magnet URN is that it includes (three) urls as backups - so anyone who clicks on it will fetch it over a .onion via HTTP or via two different HTTPS urls. I think that means that merely by offering the files our first users will get a normal download via HTTPO or HTTPS. They then become the seeders - no seeding box needed!
I think it should be rather straight forward to automate the creation of urls for our use too.
The main question for me is how well the 'as=' ( see https://en.wikipedia.org/wiki/Magnet_URI#Normal_.28as.29 ) field actually works. Do BitTorrent clients actually download it over HTTPS properly?