http subversion URLs should be discontinued in favor of https URLs

Poul-Henning Kamp phk at
Tue Dec 5 23:30:39 UTC 2017

In message <1294e5c4-9554-b9f5-8ea9-13aca5411e9a at>, Yuri writes:
>On 12/05/17 14:43, Poul-Henning Kamp wrote:
>> The vastly oversold "security" of HTTPS is entirely borrowed from
>> a confederation of root-CA's which no non-deluded person can ever
>> seriously trust.
>Your argument goes like this [...]


You get to express your opinion, you do not also get to express mine.

The core problem of all encryption is key distribution.

HTTPS doesn't have that, it relies entirely on the CA system for it.

The CA conglomerate is broken, trojaned and backdoored, and documented
as such, and therefore HTTPs is a potempkin shell of security.

Until HTTPS has something more trustworthy than the CA conglomerate
to distribute keys, it is no safer in any respect than plain HTTP.

And you are wasting everybodys time by trying to change FreeBSD's
*100% non-private* version control system to a protocol which offers
no privacy where no privacy is needed.

You should spend *your* time getting personally involved in your
own countrys political system, which is where the relevant decisions,
bad or good, about our electronic privacy will be made.

Over and out...

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the freebsd-security mailing list