http subversion URLs should be discontinued in favor of https URLs

[Igor Mozolevsky]

On 8 December 2017 at 14:26, Shawn Webb <shawn.webb at hardenedbsd.org> wrote:

<snip>


Please note that this is likely to be my only contribution to this
> thread.
>
> What if FreeBSD generated its own CA for use with critical
> infrastructure, like the svn repo.


<snip>

Nobody has yet offered a concrete threat model that requires such elaborate
investment. So far as I can tell, the only two things people have mentioned
are:

- abstract MITN-bogeyman; or
- not wanting "the suits" learning one is using FreeBSD...


To me, both of the above sound more unjustifiably paranoid than reasonable,
yet the people advocating the above want not only an investment in
elaborate infrastructure, but also waste computer cycles for crypto and
network traffic for re-transmission of static data that is fully capable of
getting cached thereby reducing network/server load at the source. Both
Microsoft (unless you're running an MS-syndicated update server) and
virtually every Linux distro require repeated downloads of the *same* data
(due to HTTPS!) if you have more than one install (I am talking not just
running a bunch of boxes but virtualised machines that people need to
repeatedly create/destroy for whatever reason); that is a sheer insanity
from the NetOps perspective!

The "how do we know security updates are legitimate if they come down a
mere HTTP" is answered by signing the updates themselves, rendering the S
in the HTTPS redundant.


-- 
Igor M.