On 12.12.17 15:28, Poul-Henning Kamp wrote:
For the FreeBSD SVN tree, this could almost be as simple as posting
an email, maybe once a week, with the exact revision checked out
and the PGP signed output of:
svn co ... && find ... -print | sort | xargs cat | sha256
Such an archive would also be invaluable for reauthenticating in
case, somebody ever manages to do something evil to our repo.
Solve the problem at the correct location -- either fix svn to sign and
verify updates or dump it for something that can and use that existing
mechanism (e.g. git)
As I mentioned humoursly to you in private email, I don't think
this particular problem will reach consensus any sooner if you
also tangling it in the SVN vs GIT political issue.
How about an uncompressed tarball signed with signify? It could be
replicated with rsync (or zsync) and getting security patches wouldn't
require lots of network bandwidth.
I still prefer to encrypt every transfer with PFS only protocols, but
even with transport encryption in place content authentication is still
valuable because it allows the use of caching proxies.
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
