From owner-freebsd-security@freebsd.org  Sun Dec 10 23:15:17 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 46253EA0D30
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Sun, 10 Dec 2017 23:15:17 +0000 (UTC)
 (envelope-from phk@critter.freebsd.dk)
Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222])
 by mx1.freebsd.org (Postfix) with ESMTP id 053E167EBE
 for <freebsd-security@freebsd.org>; Sun, 10 Dec 2017 23:15:16 +0000 (UTC)
 (envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (unknown [192.168.55.3])
 by phk.freebsd.dk (Postfix) with ESMTP id 984F62737A;
 Sun, 10 Dec 2017 23:15:12 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
 by critter.freebsd.dk (8.15.2/8.15.2) with ESMTPS id vBANEuXu099307
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Sun, 10 Dec 2017 23:14:56 GMT (envelope-from phk@critter.freebsd.dk)
Received: (from phk@localhost)
 by critter.freebsd.dk (8.15.2/8.15.2/Submit) id vBANEs0E099306;
 Sun, 10 Dec 2017 23:14:54 GMT (envelope-from phk)
To: John-Mark Gurney <jmg@funkthat.com>
cc: Michelle Sullivan <michelle@sorbs.net>, Yuri <yuri@rawbw.com>,
 RW <rwmaillists@googlemail.com>, Igor Mozolevsky <mozolevsky@gmail.com>,
 freebsd security <freebsd-security@freebsd.org>
Subject: Re: http subversion URLs should be discontinued in favor of https URLs
In-reply-to: <20171210225326.GK5901@funkthat.com>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
References: <20171205231845.5028d01d@gumby.homeunix.com>
 <CADWvR2gVn8H5h6LYB5ddwUHYwDtiLCuYndsXhJywi7Q9vNsYvw@mail.gmail.com>
 <20171210173222.GF5901@funkthat.com>
 <CADWvR2iGQOtcU=FnU-fNsso2eLCCQn=swnOLoqws+33V8VzX1Q@mail.gmail.com>
 <5c810101-9092-7665-d623-275c15d4612b@rawbw.com>
 <CADWvR2j_LLEPKnSynRRmP4LG3mypdkNitwg+7vSh=iuJ=JU09Q@mail.gmail.com>
 <fd888f6b-bf16-f029-06d3-9a9b754dc676@rawbw.com>
 <CADWvR2jnxVwXmTA9XpZhGYnCAhFVifqqx2MvYeSeHmYEybaNnA@mail.gmail.com>
 <19bd6d57-4fa6-24d4-6262-37e1487d7ed6@rawbw.com> <5A2DB80D.3020309@sorbs.net>
 <20171210225326.GK5901@funkthat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <99304.1512947694.1@critter.freebsd.dk>
Date: Sun, 10 Dec 2017 23:14:54 +0000
Message-ID: <99305.1512947694@critter.freebsd.dk>
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 10 Dec 2017 23:15:17 -0000

--------
In message <20171210225326.GK5901@funkthat.com>, John-Mark Gurney writes:

>IMO, all security needs to be node-to-node. 

There's nothing "IMO" about that.

The end-to-end principle became a bed-rock foundation of all rational
networking with "End to End Arguments in System Design" in 1981.

    http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf

The only realistic way for the FreeBSD project to implement end-to-end
trust, is HTTPS with a self-signed cert, distributed and verified
using the projects PGP-trust-mesh and strong social network.

Anything else is just pretend-security today.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.