Date: Mon, 11 Dec 2017 16:16:03 +0000 From: Igor Mozolevsky <mozolevsky@gmail.com> To: Karl Denninger <karl@denninger.net> Cc: freebsd security <freebsd-security@freebsd.org> Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <CADWvR2iniO6abv3voUS8ErOeqEf9zUvWysuoZ3RqYbM5t219UQ@mail.gmail.com> In-Reply-To: <b35214b2-6724-964f-9c05-107c153d0bbd@denninger.net> References: <11532fe7-024d-ba14-0daf-b97282265ec6@rawbw.com> <8788fb0d-4ee9-968a-1e33-e3bd84ffb892@heuristicsystems.com.au> <20171205220849.GH9701@gmail.com> <24153.1512513836@critter.freebsd.dk> <1C30FE91-753A-47A4-9B33-481184F853E1@tetlows.org> <867etyzlad.fsf@desk.des.no> <1291.1512658230@critter.freebsd.dk> <2a8d9a0a-7a64-2dde-4e53-77ee52632846@tjvarghese.com> <CAC0r6X94N4Dv=droSC=B8ri-sH2eb9gJgdvpVqwPt0pSenXfog@mail.gmail.com> <slrnp2t7rl.nqg.naddy@lorvorc.mips.inka.de> <20171211151614.76cm7s4zk6go4clo@mutt-hbsd> <b35214b2-6724-964f-9c05-107c153d0bbd@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11 December 2017 at 16:06, Karl Denninger <karl@denninger.net> wrote: <snip> SVN's shortcoming is that it does nothing for [integrity] on an inherent > basis > and this debate is thus about trying to use a tool that allegedly does > three things when we really only need one of them. > <snip> This is precisely why I suggested that something along the lines of a Merkle Tree of signed hashes over the revisions would provide adequate integrity, and I am guessing it'd be pretty straight forward to implement with SVN hooks (maybe?). I just don't have the time to look into it in any details. -- Igor M.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADWvR2iniO6abv3voUS8ErOeqEf9zUvWysuoZ3RqYbM5t219UQ>