http subversion URLs should be discontinued in favor of https URLs
Matthew Finkel
matthew.finkel at gmail.com
Tue Dec 12 18:15:32 UTC 2017
On Tue, Dec 12, 2017 at 06:22:19PM +0100, Jan Bramkamp wrote:
>
> On 12.12.17 15:28, Poul-Henning Kamp wrote:
> > For the FreeBSD SVN tree, this could almost be as simple as posting
> > an email, maybe once a week, with the exact revision checked out
> > and the PGP signed output of:
> >
> > svn co ... && find ... -print | sort | xargs cat | sha256
> >
> > Such an archive would also be invaluable for reauthenticating in
> > case, somebody ever manages to do something evil to our repo.
> >
> > > Solve the problem at the correct location -- either fix svn to sign and
> > > verify updates or dump it for something that can and use that existing
> > > mechanism (e.g. git)
> >
> > As I mentioned humoursly to you in private email, I don't think
> > this particular problem will reach consensus any sooner if you
> > also tangling it in the SVN vs GIT political issue.
>
> How about an uncompressed tarball signed with signify? It could be
> replicated with rsync (or zsync) and getting security patches wouldn't
> require lots of network bandwidth.
Portsnap already provides signed snapshots of the tree from mirrors. The
main problem is checking out the full tree as-is from the subversion
servers.
>
> I still prefer to encrypt every transfer with PFS only protocols, but even
> with transport encryption in place content authentication is still valuable
> because it allows the use of caching proxies.
More information about the freebsd-security
mailing list