Re: git: 9c59988175ff - main - bsdinstall: prefer HTTP
- In reply to: Shawn Webb : "Re: git: 9c59988175ff - main - bsdinstall: prefer HTTP"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 22 Apr 2024 09:16:17 UTC
On 2024-02-15 15:55, Shawn Webb wrote: ... >>> I'm curious to learn why you chose http:// rather than https://. >> Because https:// only adds work. And work is heat. >> >> bsdinstall uses the MANIFEST to confirm integrity. >> >> If your bsdinstall and MANIFEST are from a trustworthy source, anything >> downloaded over http:// will be trustworthy. Just as trustworthy, in fact, >> as anything downloaded over ftp://. > There is the problem of metadata leakage, which HTTPS helps to address > (though not completely.) The connection itself leaks the significant part, no matter if it's HTTP or HTTPS. Anything else from the header, which is plain on HTTP vs. HTTPS, doesn't tell much more: A 500MB stream from ftp.freebsd.org let's anyone guess you're downloading a setup image. Which one exactly isn't hurting privacy imho, nor which agent is in use etc... I totally agree that general TLSing is a bad idea. Another advantage of HTTP (plain) vs. HTTPS is that proxies can easily cache, saving load from the net and the servers alike. (if intercepting beforehand anyways - which is 'standard' wherever I access the internet @work! - caching would work too of course, but in real world, the mitm-boxes rarely are proxies. Even small sized companies utilize F.ate/P.lto SSL-inspection feature - cheap and easy to turn on. If TLSing madness wouldn't have caused encypted weather/newspaper/ads, maybe we wouldn't have precautionary man-in-the-middle boxes all over the places - which do inspect banking and everything else if not carefully extra ruled out) Just my 2 ¢