From owner-freebsd-security@freebsd.org  Fri Sep 18 01:09:30 2020
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B3DFE3F3B8C
 for <freebsd-security@mailman.nyi.freebsd.org>;
 Fri, 18 Sep 2020 01:09:30 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-ed1-x542.google.com (mail-ed1-x542.google.com
 [IPv6:2a00:1450:4864:20::542])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Bswj55QQwz3f0Z
 for <freebsd-security@freebsd.org>; Fri, 18 Sep 2020 01:09:29 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-ed1-x542.google.com with SMTP id c8so4414186edv.5
 for <freebsd-security@freebsd.org>; Thu, 17 Sep 2020 18:09:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
 bh=NuKZQ/eHc1EvxvMxH5DpkGzHdDiENNyH/x2m1WutTjc=;
 b=mhLJ3LQUSNgquyes0aSzoKWGSwOS/vhpMYKSq+CDld62irvhNwn8e8k/L0+2SnBkJ5
 WdEExPgIFIDpSq4ct1NDXbmSEbPfM3XwLmgaaqbtNnlmZR9rEB4B/nbe59eOm8IGnvdm
 yz1xrgGhQz0CBN+ouTAkvNghCXLFpKxJ7I2Nu2GBu/SFHs0kylk9OjYYAQKOLem9sL6L
 IsVOQQsMZguPoXnDhuFF8K4NhwQoic8Rj6xgFOIWhyDRo8B52S3fNBO6Vzv2GXOifce8
 Ui0luQR10DlDoTaLwWfyCUI79G/C77OyrAGDlC+zowORa+aMncNqYkxHZf5n7eR8lNiy
 Sg8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to;
 bh=NuKZQ/eHc1EvxvMxH5DpkGzHdDiENNyH/x2m1WutTjc=;
 b=BAHKJ7epG7YiFlN285864yg2CFkx6SzxXVMgwO/Mi7ocwzg0P91Qu71C6NwDqk4Fsx
 FuLqxD2Btr75LJAiHJXka+ElpA2XmgelF2h15G5mnvW41KTrrkB8tR+FAq2HyhFHDQ0R
 sXfqQkSiCT5KeNAXWdXdGS7aCI/79hBivyq0PF/lxym+XoQgngY2fT947hpl9bfJnuwi
 M880GDPgv/+6B55Y5rDathbkBa2DUR5sPHpSzDST+E6xyvdXaqvqG9xbOUrhF9pPipkt
 3SViEOIiGWs2axs8XCZBqVhaDyOboruPNJPkDTR2qjpWoAHyimn2JYFKdcldjp+svX/4
 S9aQ==
X-Gm-Message-State: AOAM531BxKh2plZlIqUqf6sZwO8OKex7dsV/yG8E7ZLcMIPVAB7SYMjp
 0wKpQJNkP2u7+lDOgVoBv67Odbx14ATPPCSz4iFNxWhyg1Vo+A==
X-Google-Smtp-Source: ABdhPJyvtxnJ5mUYVQLrPugMY4zvP/s/1zwgqJWSEj0GEeVaz32LwTaz1mSrJd8c8CF/kzL6OoJG/g4M0eVH5F9SwiA=
X-Received: by 2002:a05:6402:b9a:: with SMTP id
 cf26mr29202653edb.375.1600391366951; 
 Thu, 17 Sep 2020 18:09:26 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:ab4:9f4a:0:0:0:0:0 with HTTP; Thu, 17 Sep 2020 18:09:26
 -0700 (PDT)
In-Reply-To: <20200918001257.GI26726@FreeBSD.org>
References: <CAD2Ti2-YFpWp3-Ctc+raDhrW=4GQ0oQvX2Uau9QHrxU3yTS-ag@mail.gmail.com>
 <20200917204102.GG26726@FreeBSD.org>
 <CAD2Ti2_ewtpH5wiZZKB=p+2u2+UpRGuD+tpF55NDP+FuNU8XrA@mail.gmail.com>
 <20200918001257.GI26726@FreeBSD.org>
From: grarpamp <grarpamp@gmail.com>
Date: Thu, 17 Sep 2020 21:09:26 -0400
Message-ID: <CAD2Ti28c74jVbt2u9X1M7GHf+4d4YuZAQbDTg8rftBFNQZjpGQ@mail.gmail.com>
Subject: Re: 12.2R Sigs
To: freebsd-security@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 4Bswj55QQwz3f0Z
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=mhLJ3LQU;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates
 2a00:1450:4864:20::542 as permitted sender) smtp.mailfrom=grarpamp@gmail.com
X-Spamd-Result: default: False [-3.56 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-0.97)[-0.972];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025];
 RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c];
 FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org];
 TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_HAM_LONG(-1.01)[-1.015]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 DKIM_TRACE(0.00)[gmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::542:from];
 NEURAL_HAM_SHORT(-0.57)[-0.570]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-security];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2020 01:09:30 -0000

>> > And there is the PGP-signed email to stable@ that contains
>> > them.
>>
>> Future noting that lists do not support foreknown path schemes
>> for that data. Whereas repo, website and dataset locations are more
>> predictable and programmatic... allowing fetching, validation, etc.
>
> And for RC builds, they are predictable and programmatic.

Users would have to get and search the entire lists content to
find such sig posts, unfortunately no there are no nice predicted
paths to such single emails supporting simple fetch of associated
sig infos, ie: no schema <service>://<path_to_data>/13.x/<foo>.asc

Mail are not, it can't... ie: it has no hier, path, file globbing regex *, etc.

The website and distribution methods mentioned earlier are
possible. (Now just for RC and RELEASE, as clarified in thread.)

Website has them in nice paths today,

individually...
https://www.freebsd.org/releases/12.1R/signatures.html

and in bulk...
https://www.freebsd.org/releases/12.1R/announce.asc

but they are not present in what should be their natural
cohabitation set within the other distribution methods,
such as the case of https / ftp / rsync / torrent / etc for...
https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/12.1/

> I am not on postmaster.

What that mean in context?
Only some volunteer for that role, as any other,
it's ok not to be in two or more of them.