Date: Thu, 17 Sep 2015 23:20:31 -0400 From: grarpamp <grarpamp@gmail.com> To: freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org Subject: HTTPS on freebsd.org, git, reproducible builds Message-ID: <CAD2Ti2_YNkNi2b=PzFCwu3PVaP8hOzADys3=-k0AqvsDRhJpzA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Is there some reason "freebsd.org" and all it's subdomains don't immediately 302 over to https foreverafter? Same goes for use of svn, which has no native signable hashed commit graph, as freebsd's canonical repo... instead of git which does. Not to mention the irreproducible builds / pkgs / ISO's. These days these flaws are more than a bit ridiculous, especially for an OS, which by definition [excepting the hardware] should be your root of trust. Can we get a wiki project page and some traction on this? Thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti2_YNkNi2b=PzFCwu3PVaP8hOzADys3=-k0AqvsDRhJpzA>