FreeBSD Mail Archives

Date:      Mon, 11 Dec 2017 10:06:20 -0600
From:      Karl Denninger <karl@denninger.net>
To:        freebsd-security@freebsd.org
Subject:   Re: http subversion URLs should be discontinued in favor of https URLs
Message-ID:  <b35214b2-6724-964f-9c05-107c153d0bbd@denninger.net>
In-Reply-To: <20171211151614.76cm7s4zk6go4clo@mutt-hbsd>
References:  <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> <8788fb0d-4ee9-968a-1e33-e3bd84ffb892@heuristicsystems.com.au> <20171205220849.GH9701@gmail.com> <24153.1512513836@critter.freebsd.dk> <1C30FE91-753A-47A4-9B33-481184F853E1@tetlows.org> <867etyzlad.fsf@desk.des.no> <1291.1512658230@critter.freebsd.dk> <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com> <CAC0r6X94N4Dv=droSC=B8ri-sH2eb9gJgdvpVqwPt0pSenXfog@mail.gmail.com> <slrnp2t7rl.nqg.naddy@lorvorc.mips.inka.de> <20171211151614.76cm7s4zk6go4clo@mutt-hbsd>

index | next in thread | previous in thread | raw e-mail


[-- Attachment #1 --]
On 12/11/2017 09:16, Shawn Webb wrote:
> On Mon, Dec 11, 2017 at 03:08:37PM -0000, Christian Weisgerber wrote:
>> On 2017-12-08, Luke Crooks <luke@solentwholesale.com> wrote:
>>
>>> The pull request was rejected for a valid reason, offering http allows
>>> users with limited network access chance to clone or download freebsd where
>>> https is not possible.
>> Do users actually exist who have access to http but not to https?
>> Or is this a myth?  And how do these users access popular sites
>> like Wikipedia, or www.FreeBSD.org for that matter?
> In an effort to enforce encrypted comms, my network is the inverse:
> TCP:80 is disallowed, but TCP:443 is accepted.
>
> Thanks,
Wading back into this; it may be worth one half of 2 bits from other's
points of view....

IMO there are three issues and we're conflating them/.� This is
unfortunate because only one of them matters.

/Https allegedly provides three things:
1. Attestation (you're talking to who you think you are)
2. Data integrity (the data has not been tampered with)
3. Privacy during transport (nobody but the receiving party can observe
the payload except on the sending and terminal ends)

#2 in https comes about because if #1 is true then the payload will not
decode if someone tampers with it or the certificate in use, /provided
/the correct options are enforced.

The problem is that if #1 is false then both #2 and #3 are ALSO false,
because if I can tamper with attestation then I can MITM the data
(insert discussion/debate/whatever on the existing CA structure, etc.
which is really the never-ending debate on key management, distribution
and the vouching process in any given certificate management design)�
This leads to all sorts of other issues (like intentional MITM behavior
via wildcard certs and overrides on certificate checking by corporate IT
departments, possibly ISPs, user anti-virus software, compromise of a CA
by state actors or hackers, etc.)� The premise of https is very pretty
but the implementation -- not so much. Nonetheless a whole lot of
commerce and such depends on it, because all three are required for
commerce so imperfect beats nothing.

But in the context of code distribution I care not about #3.� I care
/very much /that /the code is untampered with/ (#2)/, /but note that I
really _*don't*_ care about #3 at all because the code is /intentionally
published to the public at large/ and I don't care _*much*_ about #1 (if
someone mirrors the source /exactly /then whether I get it from
FreeBSD's server or some interloper doesn't really matter either.)

SVN's shortcoming is that it does nothing for #2 on an inherent basis
and this debate is thus about trying to use a tool that allegedly does
three things when we really only need one of them.

Maybe it's time to move toward something that can for source
distribution to the public (e.g. Git) instead of trying to abuse
something that we know can't actually meet the criteria required?

Just sayin'.....

-- 
Karl Denninger
karl@denninger.net <mailto:karl@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/

[-- Attachment #2 --]
0�	*�H��
��0�10
	`�He0�	*�H��
��
�0��0����H���^��Ōc!5�
�H0
	*�H��
0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems CA1!0UCuda Systems LLC 2017 CA0
170817164217Z
270815164217Z0{10	UUS10UFlorida10U
Cuda Systems LLC10UCuda Systems CA1%0#UCuda Systems LLC 2017 Int CA0�"0
	*�H��
�0�
��h�-5B>[���;��o���l�Ӵ��0~͎O9}�9�Y��e������*�������$��g��!uk�vʶ�LzN�`jL�>��MD'7U4����5C�B�+�kY`bd����~b*�c3�N��y-�78j�u�]9H�e��uέ�sӬD��ؽ�m��gw�ER�?�&U�UR�j����'�}�9n�WD i�`XcbG��z�\g������G=��u�%���\�O�i1���3���ߝ4�
�K4�4p�YQr]�Ie�/r�0+��eEޝݖ0��C15�M��ݚ@J�SZ(zȏ�N�Ta�(2��5�D�D5���.l�<g[[Za��r�Q�Q%�Bu�ȴ����~~`���I�oh�R�b����ʳ��ڟ���u�2���M�S��8E�dF��UC���l�CM�aѳ����!����}ș�+�2��k��/�bų�E,��n�当ꖛ\�(8�WV�8	d]�b�	�������y�X��w	܊�:I�39��
0�0U]�^§������Q�\ӎ�0��U#��0�����T0�3���9�N0b������0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems CA1!0UCuda Systems LLC 2017 CA�	�@�U��i0U�0�0U��0
	*�H��
���:P U!>v�����J�ni��o�-����#�ן�]Wyu�j���ǑR̀��Q�
�nƇ�!GѦF��g\�yLx�g�w=�O�P��yceh�f[���}�ܷ�['4�ڝ�\[p6\o.��B&�JF���"�ZC{;�*o�*�mc��Cc�LY߾�`
�t�*�S!����񫶭�(���`�]D�HP�5���A~/�N���Pp�����6�=�m��h�k�밣'd���oA$�86hm����5���Ӛ��S@�j���ެE���gl��
�)�0JG���`%�k�3�5��P��a��C?���σ
׳HE�t}!�P���㏏%*���B�xb��Q�waKG����$6h�¦��M�v��e;��[o��-�Iی��&
���I,��T��c�ߎ#t �wPA�@��l0�P�+�KXB��պT	z���G�v;N��c��I3��&��JĬ���UP�N��a��?�/�%�W��6G۟N�0�00����k���#X��d��\�=0
	*�H��
0{10	UUS10UFlorida10U
Cuda Systems LLC10UCuda Systems CA1%0#UCuda Systems LLC 2017 Int CA0
170817212120Z
220816212120Z0W10	UUS10UFlorida10U
Cuda Systems LLC10Ukarl@denninger.net0�"0
	*�H��
�0�
��T��[I�-ΆϏdn;�Å�@שy���.u�s�~_�Z�G%<��M��Y��d�\g��v�f��n�s�a��1'6����E�gyjs�"C� [�{��~��_���K���Pn+<�*�pv���#Q�����+��H���/���7[-v��qD��V^U>�f��%�GX�)��H.��|l`�M(C�r�>е͇6����#�o��dc"Y�ljҦ�ln8�@�5S�A�0���&ۖ"���OGj?��U��DWZ5	��dDB7k-)�9�����I�zs��-�JA���v
��J��6L���$�Ն����1Sm�Y.��Lqw*��SH;E��F'�D�Ħ��H��]��M��O��������g���Q���Q�|M�ٙ��ג2Z��9y��@���y�]}6ٽe��Y9��Y2�xˆ�$T�=�e�CǺ��ǵb�n֛�{��j��|��@�LL�t�1�[D�k5:$=�	`�	�M���0��0<+00.0,+0� http://ocsp.cudasystems.net:88880	U00	`�H��B�0U��0U%0++03	`�H��B
&$OpenSSL Generated Client Certificate0U�%�՞V=���؁�;�bzQ0��U#��0���]�^§������Q�\ӎϡ�����0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems CA1!0UCuda Systems LLC 2017 CA��H���^��Ōc!5�
�H0U0�karl@denninger.net0
	*�H��
��۠�A0�-j%-�-$%���g2#ޡ��1�^��>���{K+�u��GE���v1���ş7Af&b�&O�;.��;A5���*U��)N��D2bF��|\=�]<�sˋL!��wrw���٧>��Y���M���Ä���3\mW�R�� h�Sv���!�_�zv�����l�?� ��3_�� �xU%�\�^����#���O*���Gk̍�YI_�&�Fꊛ�����@&�1�n�������}� ͬ:��{�hT�P3��B.�;���bU�8:Z��=^���Gw�8���!k-��@���x�E��@�i�,+'�Iᐚ:f��hz�tX7/�(h�Y`��� O�.������1}a`�%�RW��^�a�k������ǂp�C�Au�fgDix�UT��Щ/�7��}�%=j��nVZvcF����<�M=
�2^G�KH5魉
�_���O�4ެ�Byʈ���y��S��k�w=5�@h�.0�z�>�
W�1�0�0��0{10	UUS10UFlorida10U
Cuda Systems LLC10UCuda Systems CA1%0#UCuda Systems LLC 2017 Int CA��k���#X��d��\�=0
	`�He��E0	*�H��
	1	*�H��
0	*�H��
	1
171211160620Z0O	*�H��
	1B@&�8��a�В�>����@n�j���5���C�]B�(�;}9�F�6��L��3�z��{)j�Y)_0l	*�H��
	1_0]0	`�He*0	`�He0
*�H��
0*�H��
�0
*�H��
@0+0
*�H��
(0��	+�71��0��0{10	UUS10UFlorida10U
Cuda Systems LLC10UCuda Systems CA1%0#UCuda Systems LLC 2017 Int CA��k���#X��d��\�=0��*�H��
	1�����0{10	UUS10UFlorida10U
Cuda Systems LLC10UCuda Systems CA1%0#UCuda Systems LLC 2017 Int CA��k���#X��d��\�=0
	*�H��
�X|�%l���|WJb@����	�x8RP��נ��'+�s�o�b�n/T�K4×r�6�B��
W��X�5��1H��+z�:���G`}���x061�_����3�VoŲ󦺙QX!�w��}=/�/K�r�u�4pQ�3�yQ&f[W_�R0�R�P>9	�'&9��k���|��=D]�9�!39E��1��5{�H/�s�(�g[�a��LZ�9�Z��1��O �:*���
a����:Zq�9����]��n����Y�}�#Gz��H�����c�PH�-v_�p�f��
�7��a������7��.��L�[ �DD�Df�>Z���$Zۇ��B!uRá�E����/����X�Odx*�o�?�Ʉ����s�8�t��w*덵\Z��1ܑCc=w_�o�=�v��!���*� UQ�j�&�4��v�?W$��o����xqY$˵0��T����
ʟ���?�����79v��ivrx�O]�,cBX�Oj1a@
���H��C����

help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b35214b2-6724-964f-9c05-107c153d0bbd>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation