> Thinking of the network as attacker-controlled is fine, but without > the CA certificate database in ports, TLS provides neither data > integrity nor confidentiality.[0] > > Even with certificate validation, it's unlikely that TLS provides > meaningful confidentiality for svn.freebsd.org ? IP still exposes the > server's address: > > $ host 8.8.178.107 > 107.178.8.8.in-addr.arpa domain name pointer svnmir.ysv.freebsd.org > > Even a naive network attacker can determine that you are interacting > with a FreeBSD source mirror, and can determine the direction of the > flow of information based on simple count of upload / download bytes.
Without the private part of the TLS they can not alter that data, correct? I know there are TLS intercepts, but they require you to get the client to accept an alternate cert to proxy the connection. > > Best, > Conrad > > P.S., we should probably ship a CA database in base. Maybe with an > override version in ports to match our release model. But, base > should be able to authenticate certificates out of the box. I believe there is a group of people working on that issue some place, or at least I recall seeing it as an adgenda item. > [0]: https://github.com/moxie0/sslsniff > > On Tue, Mar 27, 2018 at 8:01 AM, Benjamin Kaduk <bjkf...@gmail.com> wrote: > > On Tue, Mar 27, 2018 at 9:57 AM, Rodney W. Grimes > > <free...@pdx.rh.cn85.dnsmgr.net> wrote: > >> > >> > Author: trasz > >> > Date: Tue Mar 27 14:51:19 2018 > >> > New Revision: 331618 > >> > URL: https://svnweb.freebsd.org/changeset/base/331618 ... -- Rod Grimes rgri...@freebsd.org _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"