From owner-svn-src-head@freebsd.org Tue Mar 27 15:41:04 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C22C8F627CC; Tue, 27 Mar 2018 15:41:04 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 476736CF10; Tue, 27 Mar 2018 15:41:04 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id w2RFf2dO052689; Tue, 27 Mar 2018 08:41:02 -0700 (PDT) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id w2RFf2YM052688; Tue, 27 Mar 2018 08:41:02 -0700 (PDT) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <201803271541.w2RFf2YM052688@pdx.rh.CN85.dnsmgr.net> Subject: Re: svn commit: r331618 - head/share/man/man7 In-Reply-To: To: cem@freebsd.org Date: Tue, 27 Mar 2018 08:41:02 -0700 (PDT) CC: Benjamin Kaduk , svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers Reply-To: rgrimes@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Mar 2018 15:41:04 -0000 > Thinking of the network as attacker-controlled is fine, but without > the CA certificate database in ports, TLS provides neither data > integrity nor confidentiality.[0] > > Even with certificate validation, it's unlikely that TLS provides > meaningful confidentiality for svn.freebsd.org ? IP still exposes the > server's address: > > $ host 8.8.178.107 > 107.178.8.8.in-addr.arpa domain name pointer svnmir.ysv.freebsd.org > > Even a naive network attacker can determine that you are interacting > with a FreeBSD source mirror, and can determine the direction of the > flow of information based on simple count of upload / download bytes. Without the private part of the TLS they can not alter that data, correct? I know there are TLS intercepts, but they require you to get the client to accept an alternate cert to proxy the connection. > > Best, > Conrad > > P.S., we should probably ship a CA database in base. Maybe with an > override version in ports to match our release model. But, base > should be able to authenticate certificates out of the box. I believe there is a group of people working on that issue some place, or at least I recall seeing it as an adgenda item. > [0]: https://github.com/moxie0/sslsniff > > On Tue, Mar 27, 2018 at 8:01 AM, Benjamin Kaduk wrote: > > On Tue, Mar 27, 2018 at 9:57 AM, Rodney W. Grimes > > wrote: > >> > >> > Author: trasz > >> > Date: Tue Mar 27 14:51:19 2018 > >> > New Revision: 331618 > >> > URL: https://svnweb.freebsd.org/changeset/base/331618 ... -- Rod Grimes rgrimes@freebsd.org