From owner-freebsd-hackers@FreeBSD.ORG  Sat Nov  6 05:07:32 2010
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0ADF61065673;
	Sat,  6 Nov 2010 05:07:32 +0000 (UTC) (envelope-from imp@bsdimp.com)
Received: from harmony.bsdimp.com (bsdimp.com [199.45.160.85])
	by mx1.freebsd.org (Postfix) with ESMTP id C0EB58FC13;
	Sat,  6 Nov 2010 05:07:31 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by harmony.bsdimp.com (8.14.3/8.14.1) with ESMTP id oA656Hoo080790;
	Fri, 5 Nov 2010 23:06:18 -0600 (MDT) (envelope-from imp@bsdimp.com)
Date: Fri, 05 Nov 2010 23:06:17 -0600 (MDT)
Message-Id: <20101105.230617.74669306.imp@bsdimp.com>
To: gcooper@FreeBSD.org
From: Warner Losh <imp@bsdimp.com>
In-Reply-To: <AANLkTi=62rRhZsN4wUi6p_yokSxG0tkjUHK7gosLtTRZ@mail.gmail.com>
References: <201011052316.27839.jpaetzel@freebsd.org>
	<AANLkTi=62rRhZsN4wUi6p_yokSxG0tkjUHK7gosLtTRZ@mail.gmail.com>
X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: jpaetzel@FreeBSD.org, freebsd-hackers@FreeBSD.org
Subject: Re: txt-sysinstall scrapped
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Nov 2010 05:07:32 -0000

>     Just to add to that (because I do find it a novel idea), 1) how
> are you going to properly prevent man in the middle attacks (SSL, TLS,
> etc?), and 2) what webserver would you use?

https or ssh.

We're also toying with the idea of having a partition that you could
'dd' your certs and keys to (so any system can customize the image
with keys to make sure you were talking to who you think you are).
We'd just reserve 1MB of space on partition s3.  We'd then check to
see if there was a tar ball.  If so, we'd extract it and do the
intelligent thing with the keys we find there.

>     I bring up the former item because I wouldn't want my data going
> unencrypted across any wire, and what BSD compatible web servers did
> you guys have in store and who would maintain the server, and what
> kinds of vulnerabilities would you be introducing by adding a service
> which would be enabled by default at runtime?

The web server would just be there at installation time.  You'd run it
out of the ram disk and it would evaporate when the system reboots
after it being installed.

Also, I'm not sure we even need to have to have a set of prompts.  If
we do the web page right, we likely can just go directly to lynx...

Warner