http subversion URLs should be discontinued in favor of https URLs
Poul-Henning Kamp
phk at phk.freebsd.dk
Sun Dec 10 23:15:17 UTC 2017
--------
In message <20171210225326.GK5901 at funkthat.com>, John-Mark Gurney writes:
>IMO, all security needs to be node-to-node.
There's nothing "IMO" about that.
The end-to-end principle became a bed-rock foundation of all rational
networking with "End to End Arguments in System Design" in 1981.
http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf
The only realistic way for the FreeBSD project to implement end-to-end
trust, is HTTPS with a self-signed cert, distributed and verified
using the projects PGP-trust-mesh and strong social network.
Anything else is just pretend-security today.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-security
mailing list