http subversion URLs should be discontinued in favor of https URLs
Jan Bramkamp
crest at rlwinm.de
Tue Dec 12 17:22:28 UTC 2017
On 12.12.17 15:28, Poul-Henning Kamp wrote:
> For the FreeBSD SVN tree, this could almost be as simple as posting
> an email, maybe once a week, with the exact revision checked out
> and the PGP signed output of:
>
> svn co ... && find ... -print | sort | xargs cat | sha256
>
> Such an archive would also be invaluable for reauthenticating in
> case, somebody ever manages to do something evil to our repo.
>
>> Solve the problem at the correct location -- either fix svn to sign and
>> verify updates or dump it for something that can and use that existing
>> mechanism (e.g. git)
>
> As I mentioned humoursly to you in private email, I don't think
> this particular problem will reach consensus any sooner if you
> also tangling it in the SVN vs GIT political issue.
How about an uncompressed tarball signed with signify? It could be
replicated with rsync (or zsync) and getting security patches wouldn't
require lots of network bandwidth.
I still prefer to encrypt every transfer with PFS only protocols, but
even with transport encryption in place content authentication is still
valuable because it allows the use of caching proxies.
More information about the freebsd-security
mailing list