http subversion URLs should be discontinued in favor of https URLs

Igor Mozolevsky mozolevsky at gmail.com
Sun Dec 10 19:18:18 UTC 2017


On 10 December 2017 at 19:02, John-Mark Gurney <jmg at funkthat.com> wrote:

> Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 17:39 +0000:
> > On 10 December 2017 at 17:32, John-Mark Gurney <jmg at funkthat.com> wrote:
> >
> > <snip>
> >
> > > The discussion has been for svn updates over http, not for
> freebsd-update
> > > updates which are independantly signed and verified..  There is
> currently
> > > no signatures provided via SVN to validate any source received via
> http.
> >
> > There has been no instance of in-transit compromise reported since SVN
> was
> > introduced.
>
> So, you require an exploit in the wild before you'll patch?



No, I'm saying it's not a realistic threat model! If the threat is the
integrity of the source code in transit, then it'd be way cheaper and way
more reasonable to implement a Merkle Tree-like verification with each
revision.


-- 
Igor M.


More information about the freebsd-security mailing list