From owner-freebsd-security@freebsd.org  Fri Sep 18 12:51:08 2015
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2BD929CDAA8;
 Fri, 18 Sep 2015 12:51:08 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222])
 by mx1.freebsd.org (Postfix) with ESMTP id E51541BD3;
 Fri, 18 Sep 2015 12:51:07 +0000 (UTC)
 (envelope-from phk@phk.freebsd.dk)
Received: from critter.freebsd.dk (unknown [192.168.48.2])
 by phk.freebsd.dk (Postfix) with ESMTP id 105783BB88;
 Fri, 18 Sep 2015 12:51:01 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
 by critter.freebsd.dk (8.15.2/8.15.2) with ESMTP id t8ICp0Gf003048;
 Fri, 18 Sep 2015 12:51:00 GMT (envelope-from phk@phk.freebsd.dk)
To: Mark Felder <feld@FreeBSD.org>
cc: grarpamp <grarpamp@gmail.com>, freebsd-security@freebsd.org,
 freebsd-questions@freebsd.org
Subject: Re: HTTPS on freebsd.org, git, reproducible builds
In-reply-to: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
References: <CAD2Ti2_YNkNi2b=PzFCwu3PVaP8hOzADys3=-k0AqvsDRhJpzA@mail.gmail.com>
 <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3046.1442580660.1@critter.freebsd.dk>
Content-Transfer-Encoding: quoted-printable
Date: Fri, 18 Sep 2015 12:51:00 +0000
Message-ID: <3047.1442580660@critter.freebsd.dk>
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2015 12:51:08 -0000

--------
In message <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.=
com>,
 Mark Felder writes:

>There are two different opinions on this matter throughout the project:
>
>* Encrypt all the things
>* Encrypt what is necessary

I can recommend the book "Command & Control" as a very interesting
introduction to the value of "proportional response defense".

The War On Privacy will not be won by putting HTTP on totally public
information like FreeBSD.org, it is a political issue..

The only way to win political issues, is to engage in politics.

That means voting for the right politicians.

If no candidates are suitable, inspire people to become candidates.

If that fails too:  Become a candidate yourself.

If you feel you have more important things to do than engange in
politics, then you will have to live with the consequences.


-- =

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    =

Never attribute to malice what can adequately be explained by incompetence=
.