On 2024-02-15 15:55, Shawn Webb wrote:
..
I'm curious to learn why you chose http:// rather than https://.
Because https:// only adds work. And work is heat.
bsdinstall uses the MANIFEST to confirm integrity.
If your bsdinstall and MANIFEST are from a trustworthy source, anything
downloaded over http:// will be trustworthy. Just as trustworthy, in fact,
as anything downloaded over ftp://.
There is the problem of metadata leakage, which HTTPS helps to address
(though not completely.)
The connection itself leaks the significant part, no matter if it's HTTP
or HTTPS.
Anything else from the header, which is plain on HTTP vs. HTTPS, doesn't
tell much more: A 500MB stream from ftp.freebsd.org let's anyone guess
you're downloading a setup image. Which one exactly isn't hurting
privacy imho, nor which agent is in use etc...
I totally agree that general TLSing is a bad idea.
Another advantage of HTTP (plain) vs. HTTPS is that proxies can easily
cache, saving load from the net and the servers alike.
(if intercepting beforehand anyways - which is 'standard' wherever I
access the internet @work! - caching would work too of course, but in
real world, the mitm-boxes rarely are proxies. Even small sized
companies utilize F.ate/P.lto SSL-inspection feature - cheap and easy to
turn on. If TLSing madness wouldn't have caused encypted
weather/newspaper/ads, maybe we wouldn't have precautionary
man-in-the-middle boxes all over the places - which do inspect banking
and everything else if not carefully extra ruled out)
Just my 2 ¢
