svn commit: r331618 - head/share/man/man7
Benjamin Kaduk
bjkfbsd at gmail.com
Tue Mar 27 15:01:34 UTC 2018
On Tue, Mar 27, 2018 at 9:57 AM, Rodney W. Grimes <
freebsd at pdx.rh.cn85.dnsmgr.net> wrote:
> > Author: trasz
> > Date: Tue Mar 27 14:51:19 2018
> > New Revision: 331618
> > URL: https://svnweb.freebsd.org/changeset/base/331618
> >
> > Log:
> > Use https:// instead of http://.
> >
> > MFC after: 2 weeks
> >
> > Modified:
> > head/share/man/man7/development.7
> >
> > Modified: head/share/man/man7/development.7
> > ============================================================
> ==================
> > --- head/share/man/man7/development.7 Tue Mar 27 14:50:12 2018
> (r331617)
> > +++ head/share/man/man7/development.7 Tue Mar 27 14:51:19 2018
> (r331618)
> > @@ -57,7 +57,7 @@ can be found at:
> > FreeBSD src development takes place in the CURRENT branch in Subversion,
> > located at:
> > .Pp
> > -.Lk http://svn.FreeBSD.org/base/head
> > +.Lk https://svn.FreeBSD.org/base/head
> > .Pp
> > There is also a read-only GitHub mirror at:
> > .Pp
>
> Why do we want to run the load of TLS for what are public bits?
> And fyi a default install of FreeBSD can not use https, you have
> to install certs from ports before any of these https links
> can even work, and that can be a royal pita in some situations.
>
Many of us are used to thinking of the network as controlled by an attacker.
Running http-not-s to fetch the sources lets "the attacker" supply an
arbitrary
collection of bits under the name FreeBSD without a good way for the user to
check that the bits on their disk match what the FreeBSD Project expects
them to be.
TLS provides data integrity as well as confidentiality...
-Ben
More information about the svn-src-all
mailing list