From owner-freebsd-security@freebsd.org  Fri Sep 18 14:00:19 2015
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D78629CE619
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Fri, 18 Sep 2015 14:00:19 +0000 (UTC)
 (envelope-from feld@FreeBSD.org)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com
 [66.111.4.27])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id ACB871B4A
 for <freebsd-security@freebsd.org>; Fri, 18 Sep 2015 14:00:19 +0000 (UTC)
 (envelope-from feld@FreeBSD.org)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42])
 by mailout.nyi.internal (Postfix) with ESMTP id EF9CF20619
 for <freebsd-security@freebsd.org>; Fri, 18 Sep 2015 10:00:18 -0400 (EDT)
Received: from web3 ([10.202.2.213])
 by compute2.internal (MEProxy); Fri, 18 Sep 2015 10:00:18 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-transfer-encoding:content-type
 :date:from:in-reply-to:message-id:mime-version:references
 :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=lI0RxlkL3QRYF1I
 x3uaYAyWumOE=; b=ehp+u1e8/yaPx2fVCCCMpMt/HIEQ9JPfV+zk9Wm1aFVTwKu
 +MFE1YE7T1CFaF/IDrgL4j2x7+Cg2dpsHIS5tuh4bQPpiNUvLwpQbhENS+TMHi9X
 S/ixUSY7M8qF8V9rUi23lk0N94zxYxXrc+cYGaXcWc0D86pf1LL7uAjsfoQw=
Received: by web3.nyi.internal (Postfix, from userid 99)
 id C3A0E11068E; Fri, 18 Sep 2015 10:00:18 -0400 (EDT)
Message-Id: <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com>
X-Sasl-Enc: s94j5RhKUGXHIzOwejcRT3/Qcq3QnlJ5qXxFf1YdCIdp 1442584818
From: Mark Felder <feld@FreeBSD.org>
To: =?ISO-8859-1?Q?Dag-Erling=20Sm=F8rgrav?= <des@des.no>,
 Daniel Feenberg <feenberg@nber.org>
Cc: freebsd-security@freebsd.org, grarpamp <grarpamp@gmail.com>,
 freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="ISO-8859-1"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-e92f8263
Subject: Re: HTTPS on freebsd.org, git, reproducible builds
Date: Fri, 18 Sep 2015 09:00:18 -0500
In-Reply-To: <86r3lvdeah.fsf@nine.des.no>
References: <CAD2Ti2_YNkNi2b=PzFCwu3PVaP8hOzADys3=-k0AqvsDRhJpzA@mail.gmail.com>
 <alpine.LRH.2.11.1509180646470.14490@nber4.nber.org>
 <86r3lvdeah.fsf@nine.des.no>
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2015 14:00:19 -0000



On Fri, Sep 18, 2015, at 08:53, Dag-Erling Sm=F8rgrav wrote:
> Daniel Feenberg <feenberg@nber.org> writes:
> > Is there a reason to encrypt something that is completely public?
>=20
> Watering hole attacks.

Watering hole attack describes the *site* being compromised because it's
popular and you know the target(s) will go there. HTTPS is irrelevant.

https://en.wikipedia.org/wiki/Watering_Hole

--=20
  Mark Felder
  ports-secteam member
  feld@FreeBSD.org