From owner-freebsd-security@freebsd.org Fri Dec 8 10:33:10 2017 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ECEFCEA09ED for ; Fri, 8 Dec 2017 10:33:10 +0000 (UTC) (envelope-from luke@solentwholesale.com) Received: from mail-it0-x22f.google.com (mail-it0-x22f.google.com [IPv6:2607:f8b0:4001:c0b::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B2BA46CCCF for ; Fri, 8 Dec 2017 10:33:10 +0000 (UTC) (envelope-from luke@solentwholesale.com) Received: by mail-it0-x22f.google.com with SMTP id u62so3939001ita.2 for ; Fri, 08 Dec 2017 02:33:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=solentwholesale.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=TZpxPd6b84RE78R6GbcUvTPtdiTSuVwQPnJ570UWQsE=; b=WNGmuVy+TXD+FvwdXLLqN7AnMDUi/GhtAegvoF0fAeUk7FPz5RSAqKBxoBH0Tz0cPk eIZaI20AGkWHyKobrMXKA7tKVR7L2wrX3Oh9FQp/MJYw51SZW81e/80zmurxnvYy6zfY FXx32B030ZSfAuVis1IxhTbNH64NLPaiSl+HI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=TZpxPd6b84RE78R6GbcUvTPtdiTSuVwQPnJ570UWQsE=; b=GpVinOZlpvDlEd8+FStdjvdaWotbR1GzluNWRb7b9TaX89ZuLH+xIRbNe/lYCb075f 6hmlYnHr0EqAtGu/MNaoMBN2Zq+tATLSa+vgQ31N14/y7iTPFDL8EqLE0DGh4Ny2aw/d GAaZNK4iLpLoYQCK+vJOPZ9xw012BjGO/RWC5HcuTZvtF4ORSVjCELFGttyBoBktX/G4 kZKCbeZu7zqMH+7CG5IcNrd1B4KVzIG7OIZIH5QakhKIbI8MF2hGA38Z0r1KDPc5aoDd w/s+0m/KpQUUDyTR2sxgUEj8/G/oF4zHjY8N31iXjuM9nd2HsP7yU2WCxyIK1jp3Bbqn XryQ== X-Gm-Message-State: AKGB3mI6zqK29U2lyJHMEoz6HPIyqfKqiLWAtmwE9hIRn8xa2+Vaw5no OBAnYtWvFK7vqyI+7qhYr5DgIPZZ75gp8FtJ6dSgKQ== X-Google-Smtp-Source: AGs4zMY1iX5uqpDM276+ryujRHQox29c7YgD9ANV5S2su/mLsvmgD66yPAFWiJXcoEXtMS/I3mLNcbgi24A7P3MaF4E= X-Received: by 10.36.221.216 with SMTP id t207mr4972397itf.112.1512729189784; Fri, 08 Dec 2017 02:33:09 -0800 (PST) MIME-Version: 1.0 Received: by 10.79.175.13 with HTTP; Fri, 8 Dec 2017 02:33:09 -0800 (PST) In-Reply-To: <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <5A2709F6.8030106@grosbein.net> <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> <8788fb0d-4ee9-968a-1e33-e3bd84ffb892@heuristicsystems.com.au> <20171205220849.GH9701@gmail.com> <24153.1512513836@critter.freebsd.dk> <1C30FE91-753A-47A4-9B33-481184F853E1@tetlows.org> <867etyzlad.fsf@desk.des.no> <1291.1512658230@critter.freebsd.dk> <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com> From: Luke Crooks Date: Fri, 8 Dec 2017 10:33:09 +0000 Message-ID: Subject: Re: http subversion URLs should be discontinued in favor of https URLs To: freebsd-security@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Dec 2017 10:33:11 -0000 The pull request was rejected for a valid reason, offering http allows users with limited network access chance to clone or download freebsd where https is not possible. We all have differences of option on the matter and having a flame war on a mailing list just gives the project a bad reputation. Regards, -- Luke Crooks Solent Wholesale Carpets www.solentwholesale.com On Fri, Dec 8, 2017 at 8:25 AM, TJ Varghese wrote: > On 12/07/2017 10:50 PM, Poul-Henning Kamp wrote: > >> >> You can't have the latter without the former. Assertion of identity is >>> the only protection against MITM eavesdropping or tampering. >>> >> Or more generally: >> >> If you dont/cant trust the other end, why would you trust them to >> keep the communication secret ? >> >> > I'm curious as to your take on electronic banking. Should they all merely > use HTTP since HTTPS is hopelessly compromised by design? If your objection > is that HTTPS bring nothing to the security table, then it really doesn't > make a difference where it's used and we should all just stop using it, no? > > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org > " >