From owner-freebsd-questions@FreeBSD.ORG  Fri Apr 11 07:46:28 2014
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 82D78F7E;
 Fri, 11 Apr 2014 07:46:28 +0000 (UTC)
Received: from mail.ru.ac.za (mail.ru.ac.za
 [IPv6:2001:4200:1010:0:250:56ff:fe8d:5])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 17A1612D8;
 Fri, 11 Apr 2014 07:46:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ru.ac.za;
 s=ru-msa; 
 h=X-Authenticated-User:Content-Type:MIME-Version:Subject:To:From:Date:Message-ID;
 bh=lbkRa8eLNOXsYzPh893oSeJvk0y6b0hk4i3BsvIewm0=; 
 b=m7z9hA3xYcqffLXmpgQSz7mYIDmEKuntYJsxvsz7wrytp3hu/6zQPtacpG6DP1ufrH9VZKcPPjLYgBwxoj8Tu3PqmHkycZam0R/nvKP2COYzJc63kN1YWNBQhWR0KulM;
Received: from webmail.ru.ac.za ([146.231.128.26]:35818 helo=localhost)
 by mail.ru.ac.za with esmtpsa (TLSv1:AES256-SHA:256)
 (Exim 4.76 (FreeBSD)) (envelope-from <J.McKeown@ru.ac.za>)
 id 1WYWAG-0003yK-9G; Fri, 11 Apr 2014 09:46:20 +0200
Received: from vorkosigan.ru.ac.za (vorkosigan.ru.ac.za [146.231.89.1]) by
 webmail.ru.ac.za (Horde Framework) with HTTP; Fri, 11 Apr 2014 09:46:20
 +0200
Message-ID: <20140411094620.78881cjb990bw8gc@webmail.ru.ac.za>
Date: Fri, 11 Apr 2014 09:46:20 +0200
From: J.McKeown@ru.ac.za
To: David.I.Noel@gmail.com
Subject: Re: MITM attacks against portsnap and freebsd-update
References: <CAHAXwYCGkP-o0VvMXj5S8-KNA45aTvy+srjDL_=8-x9Dza5z5Q@mail.gmail.com>
In-Reply-To: <CAHAXwYCGkP-o0VvMXj5S8-KNA45aTvy+srjDL_=8-x9Dza5z5Q@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
 charset=ISO-8859-1;
 DelSp="Yes";
 format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.3.10) / FreeBSD-8.2
X-Remote-Browser: Mozilla/5.0 (X11; FreeBSD amd64; rv:26.0) Gecko/20100101
 Firefox/26.0
X-Virus-Scanned: mail.ru.ac.za (146.231.128.20)
X-Authenticated-User: s0900137 from webmail.ru.ac.za (146.231.128.26) using
 auth_plaintext
Cc: freebsd-hackers <freebsd-hackers@freebsd.org>,
 Colin Percival <cperciva@freebsd.org>,
 FreeBSD Questions Mailing List <freebsd-questions@freebsd.org>,
 secteam <secteam@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Apr 2014 07:46:28 -0000

Quoting David Noel <david.i.noel@gmail.com>:

> 4. Retire portsnap.
>
> Details
[snip]
> Retiring Portsnap
>
> With the inclusion of svnlite in 10 I think the valid question comes
> up as to whether we really need the portsnap system or whether it
> could be safely retired.

I see in the PR you suggest getting rid of the portsnap servers as  
well. 8 and 9 are still supported releases. Does this mean that anyone  
running 8.4 or 9.2 is going to lose the ability to upgrade their ports  
tree quickly and easily unless they also upgrade their servers /from a  
supported release/?