From owner-freebsd-security@freebsd.org  Sat Sep 19 00:37:16 2015
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D95B0A039BC
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Sat, 19 Sep 2015 00:37:16 +0000 (UTC)
 (envelope-from brett@lariat.org)
Received: from mail.lariat.net (mail.lariat.net [66.62.230.51])
 by mx1.freebsd.org (Postfix) with ESMTP id 7B4851D8C
 for <freebsd-security@freebsd.org>; Sat, 19 Sep 2015 00:37:16 +0000 (UTC)
 (envelope-from brett@lariat.org)
Received: from Toshi.lariat.org (IDENT:ppp1000.lariat.net@localhost
 [127.0.0.1]) by mail.lariat.net (8.9.3/8.9.3) with ESMTP id IAA15072;
 Fri, 18 Sep 2015 08:44:33 -0600 (MDT)
Message-Id: <201509181444.IAA15072@mail.lariat.net>
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Fri, 18 Sep 2015 08:44:04 -0600
To: Ben Bailess <ben.bailess@gmail.com>, freebsd-security@freebsd.org
From: Brett Glass <brett@lariat.org>
Subject: Re: HTTPS on freebsd.org, git, reproducible builds
In-Reply-To: <CACf9JSXsEBBMmo57OB_cqgRM7SvbW+dh7n0ybDg2kX4EGyMVjw@mail.g
 mail.com>
References: <CAD2Ti2_YNkNi2b=PzFCwu3PVaP8hOzADys3=-k0AqvsDRhJpzA@mail.gmail.com>
 <alpine.LRH.2.11.1509180646470.14490@nber4.nber.org>
 <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl>
 <CACf9JSXsEBBMmo57OB_cqgRM7SvbW+dh7n0ybDg2kX4EGyMVjw@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Sep 2015 00:37:16 -0000

At 08:07 AM 9/18/2015, Ben Bailess wrote:

>I have to echo this sentiment -- authentication is important, and so is
>integrity. HTTPS would provide both -- to be sure you're talking to the
>"real" FreeBSD and give you confidence that your page content has not been
>altered in transit by a network adversary (e.g. if you are using Tor)*.

I'd mainly be concerned about downloads of distros or updates being
tampered with. Worms are appearing that infect not only PCs but also
routers (e.g. the "Moon" worm, which affected most Linksys models available
at the time), setting up a perfect scenario for an MITM attack that could
substitute an infected file AND a forged checksum for the originals. If
an HTTPS download site were available, I would absolutely prefer it to
an HTTP one. Just my $0.02 USD.

--Brett Glass