svn commit: r331618 - head/share/man/man7

Rodney W. Grimes freebsd at pdx.rh.CN85.dnsmgr.net
Tue Mar 27 15:41:04 UTC 2018


> Thinking of the network as attacker-controlled is fine, but without
> the CA certificate database in ports, TLS provides neither data
> integrity nor confidentiality.[0]
> 
> Even with certificate validation, it's unlikely that TLS provides
> meaningful confidentiality for svn.freebsd.org ? IP still exposes the
> server's address:
> 
> $ host 8.8.178.107
> 107.178.8.8.in-addr.arpa domain name pointer svnmir.ysv.freebsd.org
> 
> Even a naive network attacker can determine that you are interacting
> with a FreeBSD source mirror, and can determine the direction of the
> flow of information based on simple count of upload / download bytes.

Without the private part of the TLS they can not alter that data,
correct?

I know there are TLS intercepts, but they require you to get the
client to accept an alternate cert to proxy the connection.

> 
> Best,
> Conrad
> 
> P.S., we should probably ship a CA database in base.  Maybe with an
> override version in ports to match our release model.  But, base
> should be able to authenticate certificates out of the box.

I believe there is a group of people working on that issue
some place, or at least I recall seeing it as an adgenda item.

> [0]: https://github.com/moxie0/sslsniff
> 
> On Tue, Mar 27, 2018 at 8:01 AM, Benjamin Kaduk <bjkfbsd at gmail.com> wrote:
> > On Tue, Mar 27, 2018 at 9:57 AM, Rodney W. Grimes
> > <freebsd at pdx.rh.cn85.dnsmgr.net> wrote:
> >>
> >> > Author: trasz
> >> > Date: Tue Mar 27 14:51:19 2018
> >> > New Revision: 331618
> >> > URL: https://svnweb.freebsd.org/changeset/base/331618
...

-- 
Rod Grimes                                                 rgrimes at freebsd.org


More information about the svn-src-all mailing list