Just had this idea pop up in my mind. Instead of relying on volunteers mirroring package repositories all around the world, why not utilise BitTorrent protocol to move at the very least some some load unto the users and thus increase download speeds as well as decrease latency?
One reason is privacy and hence security. If you share a package, you also share the information that your system contains the oudtated package “xy” which has a backdoor and can be accessed by a hacker.
I’m not sure if that is a valid argument with atomic image distros since you share the whole image. And the tracker could just disable the old image as soon as the new image arrives.
It no more says that than hosting an HTTP mirror currently does.
But as a third party you can not know which clients are using this outdated http mirror. On BitTorrent you can see every participating peers and some of them are probably enduser machines (depending on the actual implementation of OP’s suggestion).
You could just check the signature