http subversion URLs should be discontinued in favor of https URLs

Poul-Henning Kamp phk at
Fri Dec 8 15:09:27 UTC 2017

In message <20171208142616.u56ntsf4zx5ns2ey at mutt-hbsd>, Shawn Webb writes:

>It really is a sad state that governments feel they must subvert
>secure communications channels used by citizens. I agree with you

And it really is a sad state when rabid IT-liberalists don't see
any problem with females who dare to speak out against sexual abuse
being threathened via Tor, teenage girls, whos only crime is looking
good, being sent dick-picks by shitbags and organized crime being
above the law.

>What if FreeBSD generated its own CA for use with critical
>infrastructure, like the svn repo. The trusted CA certificate would be
>distributed via multiple means: in the src tree and on the website.
>It would get installed on user's systems.

*Then* I could see a point in using HTTPS, because then you would
have the FreeBSD Project telling you that you got to the right place
rather than Taiwanese or Turkish government telling you that you
got to what they think is the right place.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the freebsd-security mailing list