From owner-freebsd-current@freebsd.org  Sat Jan  2 22:12:55 2021
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 300344BA631
 for <freebsd-current@mailman.nyi.freebsd.org>;
 Sat,  2 Jan 2021 22:12:55 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com
 [IPv6:2a00:1450:4864:20::62b])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4D7bjy1XYsz3Jrl
 for <freebsd-current@freebsd.org>; Sat,  2 Jan 2021 22:12:54 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-ej1-x62b.google.com with SMTP id ce23so31622782ejb.8
 for <freebsd-current@freebsd.org>; Sat, 02 Jan 2021 14:12:54 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to;
 bh=MJJ9Iabn/Ezbs00bFCHPam3fKdI35szLfWBBFrosdd0=;
 b=hzRn42EQY5Cr6GuGKQQLJgxBCgrCXpDjDYznjJpEdjgCJKFhyqsPfRJdGjGyu8aE9i
 1eQM/B4eNLE7WPLGw61Z3IvuzS7udIbAmonleEWyVbR/xDELffaQk9zPT3soSr+63KlF
 rzlQqLtsdwW8wYiZuMoJGnZU5dZhvd909L+SN+vXY0Oms5y5OLaw7mrrBnwD0I2sqYo/
 /ssoQETY9oiOWQhxT21Su+kKp1jv6i1H9Ro9C2QH4grfssd5yxIuZcO7LfXVg3FpEo4W
 qYCmFdHKFGDILXiTxnMZN60lTdBBsGidGhqzTOKgyS/PxJzwdK6w7zfK1bnwr4wh2r0U
 rHlw==
X-Gm-Message-State: AOAM530ol6u6QYTv/tm3BuiUE+EdfMJagMdbRiRgpvFv6+h09pcSnsiZ
 clMW61eKrZ/hT9sHQ4uK001V6KtilXAYt5qgwmQC6Gdp9QkMRg==
X-Google-Smtp-Source: ABdhPJwnlqHRNN1AACiJewNQcdRcUnZnvot37f9W1knNK9e+17lvCnVvAkjVQ+czxkIEgQUsHQo6tNOnagzpdIrZ+o8=
X-Received: by 2002:a17:906:b082:: with SMTP id
 x2mr57760570ejy.100.1609625571384; 
 Sat, 02 Jan 2021 14:12:51 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a54:3d8d:0:0:0:0:0 with HTTP;
 Sat, 2 Jan 2021 14:12:50 -0800 (PST)
In-Reply-To: <66834.1609616593@critter.freebsd.dk>
References: <20201223162417.v7Ce6%steffen@sdaoden.eu>
 <20201229011939.GU31099@funkthat.com>
 <20201229210454.Lh4y_%steffen@sdaoden.eu>
 <20201230004620.GB31099@funkthat.com>
 <CAD2Ti2-4xS5n0+1oLOHyFh4+OCnwtNAAwMkkWzwRVDnt-xmb1Q@mail.gmail.com>
 <20201231193908.GC31099@funkthat.com>
 <CAD2Ti2-dKMOx2-k71UyZs1kAGCXPuVwO9ee861oRFNV=aCfuqA@mail.gmail.com>
 <20210101140857.x3hbci6c4nwi7gl7@mutt-hbsd>
 <slrnruv17k.rlr.naddy@lorvorc.mips.inka.de>
 <CAKBkRUy_MJDpROVbX=MhvHvdBJTEaYU83cHMHaqsEDcLX4KKRw@mail.gmail.com>
 <20210102021254.35o3snqb5fcvmbt3@mutt-hbsd>
 <60082.1609572957@critter.freebsd.dk>
 <CAD2Ti2-9gsLXv0DqbBfn6K=Ded+My1grYpwV3EAKf8mW_V=baA@mail.gmail.com>
 <66834.1609616593@critter.freebsd.dk>
From: grarpamp <grarpamp@gmail.com>
Date: Sat, 2 Jan 2021 17:12:50 -0500
Message-ID: <CAD2Ti29apbmXL2fUhhUmWRmfX3026==mYFYzoO+tw=iryedEhA@mail.gmail.com>
Subject: Re: HEADS UP: FreeBSD src repo transitioning to git this weekend
To: freebsd-current@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 4D7bjy1XYsz3Jrl
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.98 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 NEURAL_HAM_SHORT(-0.98)[-0.976]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+];
 RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::62b:from];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org];
 RCPT_COUNT_ONE(0.00)[1];
 SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::62b:from:127.0.2.255];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::62b:from];
 RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[];
 MAILMAN_DEST(0.00)[freebsd-current]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Jan 2021 22:12:55 -0000

>> Though it can help attribute that to a source,

Meaning to source 'account', vs say weak old CVSROOT
that any could text edit on 200 account box, claim bitrot, etc.
Whether inspiration came from the pet dog's bug report
is moot, more secure systems narrow into accounts that
would then be examined for sensibility post. Even better before
then, said fun audit teams raise the cost to compromising
all N randomly changing slots on it, much harder to game than
a single endpoint. Audit counters by a bit different path than the
IT-people problems, does insert time in the process, yet can also
payoff by quality, and by rotating participants gaining broader
experience with entire codebase, and can even payout from said
10x crypto pot for bugs. Defense in depth, many knobs in the
orchestra, turn to set how you want, yet consider before leaving
any set too near zero.

Good that git monotone hashtrees keys TLS sigs pubkey
fingerprints pins TOTP automated lint coverage fuzzing zfs-skein,
etc displacing equivalents of legacy telnet CVSROOT, in some
OS and projects finally, and that development, being users too,
have interest benefit in, and can contribute to that areas and
transitions too.

Happy hacking in 2021 :)