http subversion URLs should be discontinued in favor of https URLs

Igor Mozolevsky mozolevsky at gmail.com
Sun Dec 10 19:49:36 UTC 2017


On 10 December 2017 at 19:42, John-Mark Gurney <jmg at funkthat.com> wrote:

> Igor Mozolevsky wrote this message on Sun, Dec 10, 2017 at 19:17 +0000:



<snip>


> No, I'm saying it's not a realistic threat model! If the threat is the
> > integrity of the source code in transit, then it'd be way cheaper and way
> > more reasonable to implement a Merkle Tree-like verification with each
> > revision.
>
> Then you should be fine w/ http for banking sites, since it's not realistic
> that your ISP will MITM your connection to steal money from you, right?
> I don't know of a single instance of an ISP MITM'ing banking transactions
> to steal money.




Entirely different threat model that has nothing to do with MITM but a lot
to do with bank-website mimicry! If I connect to MoneyBags, Inc, I want to
be sure that everything I send is received at MoneyBags, Inc, and not
someone pretending to be MoneyBags, Inc. If I connect to svn.example.com,
all I care about is that the Merkle Tree holds, not whether svn.example.com
or svn.middleman.example.com provided it.


-- 
Igor M.


More information about the freebsd-security mailing list