From owner-freebsd-current@freebsd.org  Thu Sep  3 01:56:22 2020
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 68E9A3D1001;
 Thu,  3 Sep 2020 01:56:22 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-io1-xd41.google.com (mail-io1-xd41.google.com
 [IPv6:2607:f8b0:4864:20::d41])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BhkS52xyMz4YkL;
 Thu,  3 Sep 2020 01:56:21 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-io1-xd41.google.com with SMTP id d18so985995iop.13;
 Wed, 02 Sep 2020 18:56:21 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=HFgqH82Xt69oG3iVz2eFrspbQAPmaXUvdwTAGO5JWFo=;
 b=aWjFBpTf25ikX4+4Bxw7i/ubisC00IVvo5sRHZkcrglCORq/3ASClhGzPp0aeQViYa
 bESZG+k6j70MbrHtnIu+4QyVxAuZV6cPoa9dbJCcQHcrPN0sDvHQ1ejPm32Zge0H8yw6
 whmeHhtVi9/b0gWcjege9Ss6y/zGEJDq2ZSnJSxR6JUhPSxoa1PFtRtzuk6FuFg5ctsb
 ibTsgCYR/qv33EwXkxSf8zdQ2m7xT1Orli2cOLfaoFHyBDF5IAVNlwIx0vU8hbZpF2Xk
 f4D2K873TI7M6z6b1h1EXXlpTXLxMypDFHFmOxgUJzZJzBGaV5lU8o1/lCGKpD5RqR87
 NJHw==
X-Gm-Message-State: AOAM531LAryJfKbaJzcTyxEuTb6RXnOOwuyXFfXXTsnGeFb3MeRJ/I9v
 x/F3OExZIcVtiTEjdGTNCMUZv+rdct/U+GVf/WREkwngqpRUu6Pg
X-Google-Smtp-Source: ABdhPJyvO+85xy7LnoKXS+OsaOxz8Mw3dr4FHG1myv4oNvIuhT15UjP7qUwMZ2WtKSTl4zFRYG37NiYKOe0AgXx/3RQ=
X-Received: by 2002:a05:6602:1616:: with SMTP id
 x22mr1076286iow.65.1599098179994; 
 Wed, 02 Sep 2020 18:56:19 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a02:a908:0:0:0:0:0 with HTTP;
 Wed, 2 Sep 2020 18:56:19 -0700 (PDT)
From: grarpamp <grarpamp@gmail.com>
Date: Wed, 2 Sep 2020 21:56:19 -0400
Message-ID: <CAD2Ti28U5SLZP7__R0j33Ri5_QLsO-Q4yaq2Krm9r-wJTtNS=A@mail.gmail.com>
Subject: Where's the fingerprints and sigs? (was: Please check the current
 beta git conversions)
To: freebsd-security@freebsd.org
Cc: shawn.webb@hardenedbsd.org, Ed Maste <emaste@freebsd.org>, 
 FreeBSD Current <freebsd-current@freebsd.org>, freebsd-git@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 4BhkS52xyMz4YkL
X-Spamd-Bar: ----
X-Spamd-Result: default: False [-4.11 / 15.00]; RCVD_TLS_ALL(0.00)[];
 ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025];
 NEURAL_HAM_MEDIUM(-1.04)[-1.038]; FROM_HAS_DN(0.00)[];
 TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
 MIME_GOOD(-0.10)[text/plain];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
 NEURAL_HAM_LONG(-1.02)[-1.021]; RCPT_COUNT_FIVE(0.00)[5];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d41:from];
 NEURAL_HAM_SHORT(-1.06)[-1.055]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 RCVD_COUNT_TWO(0.00)[2];
 MAILMAN_DEST(0.00)[freebsd-security,freebsd-current,freebsd-git];
 SUBJECT_HAS_QUESTION(0.00)[]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Sep 2020 01:56:22 -0000

On 9/1/20, Shawn Webb <shawn.webb@hardenedbsd.org> wrote:
> I'm curious if there's any plans for read-only access over ssh.
> Trusting FreeBSD's ssh key material is likely easier than trusting
> HTTPS in certain regions.

A bit moot when such key materials of all services, and repos,
and ticketing, and reviews, and builds, and downloads, and
packages, forums, and git hashtree initialization first hashes, and
pubkey modulus not just the larger DER's by untrusted/attacking CA's,
etc... are all not sha-256 fingerprint signed and attested to in a base
included textfile, in repo and on website, etc by security officer keys
having good WoT... for users to reference, import, validate, pin down, etc.
And tools for accessing such services often not have fingerprint
pinning options.
Woes be to those using such untrustable massively MITM'd and
spied upon networks as the Internet, Workplace, Home, Travel,
VPN, WiFi, Tor Exits, etc not having any way to authenticate
fingerprints and pin such services back to their favorite OS
project's security apostille office yet.

Security vaunted OpenBSD still serves up via cleartext non-hashtree
anoncvs on non-ecc harware on non-zfs-skein filesystems etc...

So the BSD world must still be thought secure, bit integral, and
trustably accessible without any of these infrastructure tool
fingerprint sig and pin basics... still no need to supply them since
decades since TLS/SSH/etc were deployed...

Right?

Not.

Cheers all :)

[Same for Linux ;]