From owner-freebsd-security@freebsd.org Mon Sep 14 10:28:23 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AAA84A0443D for ; Mon, 14 Sep 2015 10:28:23 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 751671A06 for ; Mon, 14 Sep 2015 10:28:22 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 930F069DA; Mon, 14 Sep 2015 10:28:13 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 844DA4E72; Mon, 14 Sep 2015 12:28:12 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Dmitry Morozovsky Cc: freebsd-security@FreeBSD.org Subject: Re: SmartCards/Tokens recommended for TLS CA under FreeBSD References: Date: Mon, 14 Sep 2015 12:28:12 +0200 In-Reply-To: (Dmitry Morozovsky's message of "Fri, 11 Sep 2015 21:09:26 +0300 (MSK)") Message-ID: <86si6hnvlv.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2015 10:28:23 -0000 Dmitry Morozovsky writes: > We used Aladdin Pro (non-Java), but they are long gone, and I could not=20 > reimplement sign tree with sha256 after a dozen of experiments. Aladdin was acquired by SafeNet who have a range of PKI smart cards. I think the SC650 might meet your requirements. It is possible that they still sell the cards you used under a different name. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 03:20:51 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A9BB9CD0C9; Fri, 18 Sep 2015 03:20:51 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ig0-x22d.google.com (mail-ig0-x22d.google.com [IPv6:2607:f8b0:4001:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2B4601840; Fri, 18 Sep 2015 03:20:51 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by igcrk20 with SMTP id rk20so9500921igc.1; Thu, 17 Sep 2015 20:20:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:cc:content-type; bh=HLayvmVNaZjulOHgmfRsM4ukEN5f2xFpR39AKK65cQw=; b=MfRQTJSRSLzIcqAN40oEyH5ZkozHkXjMK1olmXLb7ytIcDMslGDCoSVDnfQou6mTQg daHkTTTQFCY3PEMRyzshQTe2bFJRk2wB6Yi9/LggKn/wfoBPuD4a3Ruar/LGkOiJo69T ziuGKHsdCT0aQ8DsNWvwSYWXhlbbAbe34Uovm8ZTCU2fDv5WYBfDM5nAhds9GOcQbZKN 0XVqLWpMzkG9b77O5/MoGTDpW3bdBEJ71rbFku90ROtUIOWE2eB88n8UsRsv+biH5+V3 RbIIZEjfeW1dZMXL/tBl0Y+/BRbh2JU4SoiV+yZLLknyZXu++yJ4WO6UAuxVPEpzPKz5 /mfQ== X-Received: by 10.50.62.112 with SMTP id x16mr29979773igr.23.1442546450511; Thu, 17 Sep 2015 20:20:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.36.77.77 with HTTP; Thu, 17 Sep 2015 20:20:31 -0700 (PDT) From: grarpamp Date: Thu, 17 Sep 2015 23:20:31 -0400 Message-ID: Subject: HTTPS on freebsd.org, git, reproducible builds To: freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Mailman-Approved-At: Fri, 18 Sep 2015 11:01:31 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 03:20:51 -0000 Is there some reason "freebsd.org" and all it's subdomains don't immediately 302 over to https foreverafter? Same goes for use of svn, which has no native signable hashed commit graph, as freebsd's canonical repo... instead of git which does. Not to mention the irreproducible builds / pkgs / ISO's. These days these flaws are more than a bit ridiculous, especially for an OS, which by definition [excepting the hardware] should be your root of trust. Can we get a wiki project page and some traction on this? Thanks. From owner-freebsd-security@freebsd.org Fri Sep 18 12:21:34 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2444D9CE800 for ; Fri, 18 Sep 2015 12:21:34 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EE8C11834 for ; Fri, 18 Sep 2015 12:21:33 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id E3340209CD for ; Fri, 18 Sep 2015 08:21:32 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Fri, 18 Sep 2015 08:21:32 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=no8RDh/MLCBHfuf WJRkCxD2kFlE=; b=PmttRXE27dSz0zuKqx7Fu8oet7NDNudHW6kNKfp3kmb99GL BCBOldMq3ZEFOo8Y/bLbXUR8vQ1uAytfPuwinrVxrLKdZBRuRbC+RPDsM5mS9mKv YttFM36Ch05rZIZ+DH0InJvZ7desX/2a8VB52svGvX2uiT/ZnvRW6VNCa1mc= Received: by web3.nyi.internal (Postfix, from userid 99) id BE09410CD69; Fri, 18 Sep 2015 08:21:32 -0400 (EDT) Message-Id: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> X-Sasl-Enc: Yqbv6rL/6rf1N7JxT+j0B4NoAd3RXIlDbU6tV5sE9lMv 1442578892 From: Mark Felder To: grarpamp , freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-e92f8263 Subject: Re: HTTPS on freebsd.org, git, reproducible builds Date: Fri, 18 Sep 2015 07:21:32 -0500 In-Reply-To: References: X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 12:21:34 -0000 On Thu, Sep 17, 2015, at 22:20, grarpamp wrote: > Is there some reason "freebsd.org" and all it's > subdomains don't immediately 302 over to > https foreverafter? > What good does https on freebsd.org provide except checking a box that some people are obsessed about right now? You're adding another layer of complexity. The front page, documentation, handbooks, etc are not sensitive data. There are two different opinions on this matter throughout the project: * Encrypt all the things * Encrypt what is necessary If FreeBSD is visibly penalized by Google in the future for not hosting on https it might be worth doing. > Same goes for use of svn, which has no native > signable hashed commit graph, as freebsd's > canonical repo... instead of git which does. > svn is available over https > Not to mention the irreproducible builds / pkgs / ISO's. > Nobody is doing this successfully yet. Last I checked Debian is closest. But keep in mind this is not a security feature, it's debugging feature. You still need to solve backdoored compilers ("use this new double compiler method!" OK...) and then you need to solve backdoored hardware. > These days these flaws are more than a bit ridiculous, > especially for an OS, which by definition [excepting > the hardware] should be your root of trust. > > Can we get a wiki project page and some traction on this? > Thanks. > https://wiki.freebsd.org/ReproducibleBuilds -- Mark Felder ports-secteam member feld@FreeBSD.org From owner-freebsd-security@freebsd.org Fri Sep 18 12:32:32 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DAED89CEF89 for ; Fri, 18 Sep 2015 12:32:32 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B139C1F5A for ; Fri, 18 Sep 2015 12:32:32 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id DCB0A202CE for ; Fri, 18 Sep 2015 08:32:31 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Fri, 18 Sep 2015 08:32:31 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=9rhYKVyvMR6HRbC jUzsqEsCtoNo=; b=et2vVRULAQaW+FGFA1ImCnv6ZUsLZqVh1bV1xMgKMmVhUiI it7mNS389cPgRFC4ui1Tb6AbYwDYdSaTU/CVp5O53n9M6cvFm5I43Vcr/63aQDeK rEW4heHaoCwRkZvfxaa0ZScBfPk+4qDxfZJazgfO+K9OjIzceC/b8DcSv1IU= Received: by web3.nyi.internal (Postfix, from userid 99) id B43BD10E689; Fri, 18 Sep 2015 08:32:31 -0400 (EDT) Message-Id: <1442579551.1810383.387233801.46EBDA6D@webmail.messagingengine.com> X-Sasl-Enc: 5Kd/tGRXqmHtF0yl1Q7fdQJWqLC9cxhIrV4ZCgIXtgRP 1442579551 From: Mark Felder To: grarpamp , freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-e92f8263 Subject: Re: HTTPS on freebsd.org, git, reproducible builds Date: Fri, 18 Sep 2015 07:32:31 -0500 In-Reply-To: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> References: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 12:32:33 -0000 On Fri, Sep 18, 2015, at 07:21, Mark Felder wrote: > > > Same goes for use of svn, which has no native > > signable hashed commit graph, as freebsd's > > canonical repo... instead of git which does. > > > > svn is available over https > I got caught up in the https discussion and didn't cover this properly. No, I don't think we're going to use git any time soon. There's an official mirror here, though: https://github.com/freebsd/ -- Mark Felder ports-secteam member feld@FreeBSD.org From owner-freebsd-security@freebsd.org Fri Sep 18 12:10:51 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0610B9CE01C; Fri, 18 Sep 2015 12:10:51 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from mail2.nber.org (mail2.nber.org [198.71.6.79]) by mx1.freebsd.org (Postfix) with ESMTP id 7565E110B; Fri, 18 Sep 2015 12:10:49 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from nber4.nber.org (nber4.nber.org [198.71.6.74]) by mail2.nber.org (8.15.1/8.14.9) with ESMTPS id t8IBjTjD090576 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 18 Sep 2015 07:45:30 -0400 (EDT) (envelope-from feenberg@nber.org) Date: Fri, 18 Sep 2015 07:45:29 -0400 (EDT) From: Daniel Feenberg To: grarpamp cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds In-Reply-To: Message-ID: References: User-Agent: Alpine 2.11 (LRH 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.39/RELEASE, bases: 20140401 #7726142, check: 20150918 clean X-Mailman-Approved-At: Fri, 18 Sep 2015 12:44:19 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 12:10:51 -0000 On Thu, 17 Sep 2015, grarpamp wrote: > Is there some reason "freebsd.org" and all it's > subdomains don't immediately 302 over to > https foreverafter? Is there a reason to encrypt something that is completely public? Perhaps to allow the visitor to conceal the fact that they are interested in FreeBSD? That won't work, since the IP address of the server can't be encrypted. I feel like I am missing something. dan feenberg From owner-freebsd-security@freebsd.org Fri Sep 18 12:51:08 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2BD929CDAA8; Fri, 18 Sep 2015 12:51:08 +0000 (UTC) (envelope-from phk@phk.freebsd.dk) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) by mx1.freebsd.org (Postfix) with ESMTP id E51541BD3; Fri, 18 Sep 2015 12:51:07 +0000 (UTC) (envelope-from phk@phk.freebsd.dk) Received: from critter.freebsd.dk (unknown [192.168.48.2]) by phk.freebsd.dk (Postfix) with ESMTP id 105783BB88; Fri, 18 Sep 2015 12:51:01 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.15.2/8.15.2) with ESMTP id t8ICp0Gf003048; Fri, 18 Sep 2015 12:51:00 GMT (envelope-from phk@phk.freebsd.dk) To: Mark Felder cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds In-reply-to: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> From: "Poul-Henning Kamp" References: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <3046.1442580660.1@critter.freebsd.dk> Content-Transfer-Encoding: quoted-printable Date: Fri, 18 Sep 2015 12:51:00 +0000 Message-ID: <3047.1442580660@critter.freebsd.dk> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 12:51:08 -0000 -------- In message <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.= com>, Mark Felder writes: >There are two different opinions on this matter throughout the project: > >* Encrypt all the things >* Encrypt what is necessary I can recommend the book "Command & Control" as a very interesting introduction to the value of "proportional response defense". The War On Privacy will not be won by putting HTTP on totally public information like FreeBSD.org, it is a political issue.. The only way to win political issues, is to engage in politics. That means voting for the right politicians. If no candidates are suitable, inspire people to become candidates. If that fails too: Become a candidate yourself. If you feel you have more important things to do than engange in politics, then you will have to live with the consequences. -- = Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe = Never attribute to malice what can adequately be explained by incompetence= . From owner-freebsd-security@freebsd.org Fri Sep 18 12:57:59 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3890E9CDF4A; Fri, 18 Sep 2015 12:57:59 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 002231E88; Fri, 18 Sep 2015 12:57:58 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id A2963848A; Fri, 18 Sep 2015 12:49:04 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id B061F8303; Fri, 18 Sep 2015 14:49:02 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: grarpamp Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: Date: Fri, 18 Sep 2015 14:49:01 +0200 In-Reply-To: (grarpamp@gmail.com's message of "Thu, 17 Sep 2015 23:20:31 -0400") Message-ID: <86vbb7dhaa.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 12:57:59 -0000 grarpamp writes: > Not to mention the irreproducible builds / pkgs / ISO's. The base system build is 99% reproducible. ISOs should be reproducible as well, modulo timestamps. Reproducible packages are extremely difficult to get right. Baptiste spent a lot of time and effort trying to get them to work before the official switch to pkgng. Many packages compile the build host's name and / or the current date and time into various binaries. Python stores the timestamp of the original .py file into the .pyc file and will attempt to recompile it if that timestamp does not match or the .py file's mtime is equal to or greater than the .pyc file's mtime. Emacs does similar shenanigans with .el and .elc files. > These days these flaws are more than a bit ridiculous, You seem to be implying that everybody else is doing it except us. This is not true. Debian and Fedora are or have been working on it but with no success to date. > Can we get a wiki project page and some traction on this? https://wiki.freebsd.org/ReproducibleBuilds https://wiki.freebsd.org/PortsReproducibleBuilds Are you volunteering? DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 13:30:49 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 914849CF186 for ; Fri, 18 Sep 2015 13:30:49 +0000 (UTC) (envelope-from freebsd@spam.lifeforms.nl) Received: from tau.lfms.nl (tau.lfms.nl [IPv6:2a00:f320:0:3::30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2A3A91EA6 for ; Fri, 18 Sep 2015 13:30:49 +0000 (UTC) (envelope-from freebsd@spam.lifeforms.nl) Received: from sim.dt.lfms.nl (sim.dt.lfms.nl [IPv6:2001:1af8:fe00:8414::30]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by tau.lfms.nl (Postfix) with ESMTPS id 23433892C8 for ; Fri, 18 Sep 2015 15:30:46 +0200 (CEST) Received: from borax.dt.lfms.nl (borax.dt.lfms.nl [IPv6:2001:1af8:fe00:8414::112]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sim.dt.lfms.nl (Postfix) with ESMTPS id A8F689C09099 for ; Fri, 18 Sep 2015 15:30:45 +0200 (CEST) From: Walter Hop Message-Id: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) Subject: Re: HTTPS on freebsd.org, git, reproducible builds Date: Fri, 18 Sep 2015 15:30:45 +0200 References: To: freebsd-security@freebsd.org In-Reply-To: X-Mailer: Apple Mail (2.2104) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:30:49 -0000 >=20 >> Is there some reason "freebsd.org" and all it's >> subdomains don't immediately 302 over to >> https foreverafter? >=20 > Is there a reason to encrypt something that is completely public? = Perhaps to allow the visitor to conceal the fact that they are = interested in FreeBSD? That won't work, since the IP address of the = server can't be encrypted. I feel like I am missing something. Privacy is often important, but authentication (i.e. not having content = tampered with) may be more important in many cases. The US and UK governments are owning sysadmins who browse non-HTTPS = sites: = http://www.spiegel.de/international/world/ghcq-targets-engineers-with-fake= -linkedin-pages-a-932821.html = = https://theintercept.com/2014/03/20/inside-nsa-secret-efforts-hunt-hack-sy= stem-administrators/ = The Chinese government hijacked non-HTTPS sessions to inject DDoS = javascript: = https://www.eff.org/deeplinks/2015/04/china-uses-unencrypted-websites-to-h= ijack-browsers-in-github-attack = If often-used sites migrate to HTTPS (together with HSTS) these attacks = will become a lot harder. I=E2=80=99m also seeing more demand for HTTPS from customers. In Europe = there has been a lot of mainstream coverage of tech privacy issues, and = various non-technical people now distrust sites that don=E2=80=99t have = =E2=80=9Ca lock=E2=80=9D. So it also has credibility/PR benefits to use = it by default. There is always effort involved in making the switch, but for most sites = and applications this is probably not an unreasonable amount given the = benefits. --=20 Walter Hop | PGP key: https://lifeforms.nl/pgp From owner-freebsd-security@freebsd.org Fri Sep 18 13:41:53 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2CBC09CF988; Fri, 18 Sep 2015 13:41:53 +0000 (UTC) (envelope-from Daniel@Plominski.eu) Received: from root1-rz1-hetzner.plitc.eu (root1-rz1-hetzner.plitc.eu [IPv6:2a01:4f8:a0:4283::10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "root1-rz1-hetzner.plitc.eu", Issuer "StartCom Class 2 Primary Intermediate Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C7791177B; Fri, 18 Sep 2015 13:41:51 +0000 (UTC) (envelope-from Daniel@Plominski.eu) Received: from localhost (localhost [127.0.0.1]) by root1-rz1-hetzner.plitc.eu (Postfix) with ESMTP id 1A416AE007A; Fri, 18 Sep 2015 15:41:49 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at root1-rz1-hetzner.plitc.eu Received: from root1-rz1-hetzner.plitc.eu ([127.0.0.1]) by localhost (root1-rz1-hetzner.plitc.eu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FMNv31ls0a5M; Fri, 18 Sep 2015 15:41:46 +0200 (CEST) Received: from MacBook1-PLITC.local (public-gprs351091.centertel.pl [37.47.2.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: daniel@plominski.eu) by root1-rz1-hetzner.plitc.eu (Postfix) with ESMTPSA id EBBB9AE0074; Fri, 18 Sep 2015 15:41:45 +0200 (CEST) Message-ID: <55FC1498.7090902@Plominski.eu> Date: Fri, 18 Sep 2015 15:41:44 +0200 From: "Daniel DP. Plominski" MIME-Version: 1.0 To: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> <1442579551.1810383.387233801.46EBDA6D@webmail.messagingengine.com> In-Reply-To: <1442579551.1810383.387233801.46EBDA6D@webmail.messagingengine.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:41:53 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 well, encryption does not cost much, most mobile devices are now fast enough for IP obfuscation there vpn providers or anonymity networks like Tor you should look for "when leaken metadata", customized Firefox versionslike the "torbundle" package or FreeBSD features such as: disabled tcp timpstamp, activated net.inet.ip.stealth etc. may be that the most information are not critical of freebsd.org on a page about political commitment, however, twice what you click on in the post snowden/nsa area, i think it is not heard now de rigueur, but should be compulsory best regards Daniel Plominski Am 18/09/15 um 14:32 schrieb Mark Felder: > > > On Fri, Sep 18, 2015, at 07:21, Mark Felder wrote: >> >>> Same goes for use of svn, which has no native >>> signable hashed commit graph, as freebsd's >>> canonical repo... instead of git which does. >>> >> >> svn is available over https >> > > I got caught up in the https discussion and didn't cover this properly. > > No, I don't think we're going to use git any time soon. There's an > official mirror here, though: > > https://github.com/freebsd/ > -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJV/BSXAAoJEHqkZNWiQao7eLcQALn2BmgWR+GIA61OKzBnO3xQ RKSXyJDONYhiQRG53TEmukFxfOuW4nzsWCpu4Qb+OEr+DdvbujDH+9CpzvF3CkNW iw9WfSsmtjGMpfDQU27o6+QMSJfXgNGel3iPYYr+uYwpUXks0AS+FAFQJ3vr9G/N 5jKTj0UJJvplqRc/eaRuRREfxlWL5pC8ngEILs2Wk+B54+0L3jpk9pbOO5aLkFPE F99CFSWLkx2hI6plXMHO4pwfoBXn4satcUp41flHmPTLPO9HKdfi+RaT9bfE7Apb iSQ06dGE16uGWj75/+Mv6Dt5DpIX1iKgodvGsizl2H5xviuIgKpMN9d/wMLAdKBu UGbvGgLaSlcFjwVTkN5hV5WtlpG1LHctQF3oU7iWnvZklYIPvwLUXpUp0sKrqsvi zlHywQwR7Ym3n4icRrE+l38HdZDnVAmw6DLuqTKCdXp1K4/oNywArZh9A8btX+1W i1Qz5odpqI1fiC6qXzU13ymaOTkRN1oeyuDpwjoIrLe24/kJRfIyGu91ptn4OmVC JS+XAQ1NGgFVXTvSO1HfyR5P304BvqRUxr3MK7d8iba5fIgAg5cPqicSQC1A/F5D At1+38mRtSxy7De9jHwfbEndi/sDO+gUJwfV/2KaAW4lrf7nGt727tBesBveVysk 6Jsj+nHsBKp02hkB9R4p =1Yo9 -----END PGP SIGNATURE----- From owner-freebsd-security@freebsd.org Fri Sep 18 13:47:01 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DBD4D9CFC83; Fri, 18 Sep 2015 13:47:01 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id C8D6B1CDD; Fri, 18 Sep 2015 13:47:01 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from FreeBSD.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by freefall.freebsd.org (Postfix) with ESMTP id 31A9A1726; Fri, 18 Sep 2015 13:47:01 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Date: Fri, 18 Sep 2015 13:46:59 +0000 From: Glen Barber To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918134659.GB28949@FreeBSD.org> References: <86vbb7dhaa.fsf@nine.des.no> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="wq9mPyueHGvFACwf" Content-Disposition: inline In-Reply-To: <86vbb7dhaa.fsf@nine.des.no> X-Operating-System: FreeBSD 11.0-CURRENT amd64 X-SCUD-Definition: Sudden Completely Unexpected Dataloss X-SULE-Definition: Sudden Unexpected Learning Event X-PEKBAC-Definition: Problem Exists, Keyboard Between Admin/Computer User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:47:02 -0000 --wq9mPyueHGvFACwf Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 18, 2015 at 02:49:01PM +0200, Dag-Erling Sm=F8rgrav wrote: > > These days these flaws are more than a bit ridiculous, >=20 > You seem to be implying that everybody else is doing it except us. This > is not true. Debian and Fedora are or have been working on it but with > no success to date. >=20 In fact, Debian has been kind enough to even provide a page that shows which parts of the FreeBSD build are non-reproducible. https://reproducible.debian.net/freebsd/freebsd.html Glen --wq9mPyueHGvFACwf Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJV/BXTAAoJEAMUWKVHj+KTtPMP/3HdUb/99vq3SVyMOSTsnmPv q70lCIjEC6xmTIazzl1Dh9pLn0nYwfvrHWDDS2ph3saAUZhPJKM7B1NH9fX+oe9S qPX/UlhddZKEf0UKCpk+Cl6xznpPp+3zd560y2VIO0WIEpwb0Ly3bDQ4YkqyZeKN wwTEN1QRX6/Gqa5apXdDhLb3iNCDykegIs8lyjTTtnEOHCr3hQjvC/Otgzoi2KVt EGmNIUo4J0C4zG4HRpLNjVhULpk2u6sUpCVECo1Ybs/a9KvFyf3+f0ifhfs7ANmd ncJWzPdhehYM8M6LEOmo+hDPio5zrvbYqpr1Uifkp3z8l2ytDugCedGaX2wF9Z77 nyBbYVeZ/FjtI2yYzWRdR/zN+pCmHkMGt7o6LMumRSA70K3H2g+bxYJDbE9TKKZ2 bVU103fxDy1sclHvfKwvKQrj4MnBHJYPLOse531M+AFYlIbfdD8RM6886T+hdo8i rEaCORJAQYyrQoFOQYSeC1JETiZT3Oy1/aETGa9gVhozp3bX7R2NIEMop/sViILZ Q+PSC5f0zpW8zzv+/3lKrwKMhRB5jTaX98NLYrzzCEv9BQFe/pmvRBvZY9fNwI/d sBObv4TTvf1D3LyqhARBBA/plqMDykdTZXDWzUYa6y/ETT32Rq7KqLL65EQ7xSQ5 2jvqDyhaVmGP+X/brZOk =ir38 -----END PGP SIGNATURE----- --wq9mPyueHGvFACwf-- From owner-freebsd-security@freebsd.org Fri Sep 18 13:48:13 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C02DD9CFDAA; Fri, 18 Sep 2015 13:48:13 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7B5EA1EB2; Fri, 18 Sep 2015 13:48:13 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from slw by zxy.spb.ru with local (Exim 4.84 (FreeBSD)) (envelope-from ) id 1Zcw1E-000DDL-MJ; Fri, 18 Sep 2015 16:48:04 +0300 Date: Fri, 18 Sep 2015 16:48:04 +0300 From: Slawa Olhovchenkov To: Dag-Erling =?koi8-r?Q?Smorgrav?= Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918134804.GU3158@zxy.spb.ru> References: <86vbb7dhaa.fsf@nine.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <86vbb7dhaa.fsf@nine.des.no> User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:48:13 -0000 On Fri, Sep 18, 2015 at 02:49:01PM +0200, Dag-Erling Smorgrav wrote: > grarpamp writes: > > Not to mention the irreproducible builds / pkgs / ISO's. > > The base system build is 99% reproducible. ISOs should be reproducible > as well, modulo timestamps. freebsd-update builds is inreproducible by the freebsd-update-server bug[s]. From owner-freebsd-security@freebsd.org Fri Sep 18 13:53:45 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ADB0C9CE226; Fri, 18 Sep 2015 13:53:45 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 7609614D9; Fri, 18 Sep 2015 13:53:45 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id DB9A58554; Fri, 18 Sep 2015 13:53:42 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id B33AC830D; Fri, 18 Sep 2015 15:53:42 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Daniel Feenberg Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: Date: Fri, 18 Sep 2015 15:53:42 +0200 In-Reply-To: (Daniel Feenberg's message of "Fri, 18 Sep 2015 07:45:29 -0400 (EDT)") Message-ID: <86r3lvdeah.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:53:45 -0000 Daniel Feenberg writes: > Is there a reason to encrypt something that is completely public? Watering hole attacks. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 14:00:19 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D78629CE619 for ; Fri, 18 Sep 2015 14:00:19 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ACB871B4A for ; Fri, 18 Sep 2015 14:00:19 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id EF9CF20619 for ; Fri, 18 Sep 2015 10:00:18 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute2.internal (MEProxy); Fri, 18 Sep 2015 10:00:18 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=lI0RxlkL3QRYF1I x3uaYAyWumOE=; b=ehp+u1e8/yaPx2fVCCCMpMt/HIEQ9JPfV+zk9Wm1aFVTwKu +MFE1YE7T1CFaF/IDrgL4j2x7+Cg2dpsHIS5tuh4bQPpiNUvLwpQbhENS+TMHi9X S/ixUSY7M8qF8V9rUi23lk0N94zxYxXrc+cYGaXcWc0D86pf1LL7uAjsfoQw= Received: by web3.nyi.internal (Postfix, from userid 99) id C3A0E11068E; Fri, 18 Sep 2015 10:00:18 -0400 (EDT) Message-Id: <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com> X-Sasl-Enc: s94j5RhKUGXHIzOwejcRT3/Qcq3QnlJ5qXxFf1YdCIdp 1442584818 From: Mark Felder To: =?ISO-8859-1?Q?Dag-Erling=20Sm=F8rgrav?= , Daniel Feenberg Cc: freebsd-security@freebsd.org, grarpamp , freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="ISO-8859-1" X-Mailer: MessagingEngine.com Webmail Interface - ajax-e92f8263 Subject: Re: HTTPS on freebsd.org, git, reproducible builds Date: Fri, 18 Sep 2015 09:00:18 -0500 In-Reply-To: <86r3lvdeah.fsf@nine.des.no> References: <86r3lvdeah.fsf@nine.des.no> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:00:19 -0000 On Fri, Sep 18, 2015, at 08:53, Dag-Erling Sm=F8rgrav wrote: > Daniel Feenberg writes: > > Is there a reason to encrypt something that is completely public? >=20 > Watering hole attacks. Watering hole attack describes the *site* being compromised because it's popular and you know the target(s) will go there. HTTPS is irrelevant. https://en.wikipedia.org/wiki/Watering_Hole --=20 Mark Felder ports-secteam member feld@FreeBSD.org From owner-freebsd-security@freebsd.org Fri Sep 18 14:05:42 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 486139CECA0; Fri, 18 Sep 2015 14:05:42 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 0E81C17E6; Fri, 18 Sep 2015 14:05:41 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id D5A91859B; Fri, 18 Sep 2015 14:05:39 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id A71E78311; Fri, 18 Sep 2015 16:05:39 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Mark Felder Cc: Daniel Feenberg , freebsd-security@freebsd.org, grarpamp , freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: <86r3lvdeah.fsf@nine.des.no> <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com> Date: Fri, 18 Sep 2015 16:05:39 +0200 In-Reply-To: <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com> (Mark Felder's message of "Fri, 18 Sep 2015 09:00:18 -0500") Message-ID: <86k2rnddqk.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:05:42 -0000 Mark Felder writes: > Dag-Erling Sm=C3=B8rgrav writes: > > Daniel Feenberg writes: > > > Is there a reason to encrypt something that is completely public? > > Watering hole attacks. > Watering hole attack describes the *site* being compromised because it's > popular and you know the target(s) will go there. HTTPS is irrelevant. ...or a MITM attack on a site that is popular with your target demographic. Then again, if you have the means to mount a MITM attack you probably have the means to get a valid certificate. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 14:06:14 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BF0A69CED86; Fri, 18 Sep 2015 14:06:14 +0000 (UTC) (envelope-from na@rtfm.net) Received: from iad1-shared-relay1.dreamhost.com (iad1-shared-relay1.dreamhost.com [208.113.157.50]) by mx1.freebsd.org (Postfix) with ESMTP id 9E3141980; Fri, 18 Sep 2015 14:06:14 +0000 (UTC) (envelope-from na@rtfm.net) Received: from cloudburst.dreamhost.com (cloudburst.dreamhost.com [66.33.212.129]) by iad1-shared-relay1.dreamhost.com (Postfix) with ESMTP id 76735B40061; Fri, 18 Sep 2015 07:06:08 -0700 (PDT) Received: by cloudburst.dreamhost.com (Postfix, from userid 99172) id 6D4A0260C27; Fri, 18 Sep 2015 07:06:08 -0700 (PDT) Date: Fri, 18 Sep 2015 10:06:07 -0400 From: Nathan Dorfman To: Daniel Feenberg Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918140555.GA14677@vane> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:06:14 -0000 On Fri, Sep 18, 2015 at 07:45:29AM -0400, Daniel Feenberg wrote: > Is there a reason to encrypt something that is completely public? > Perhaps to allow the visitor to conceal the fact that they are > interested in FreeBSD? That won't work, since the IP address of the > server can't be encrypted. I feel like I am missing something. There may be no reason to encrypt it, but there's plenty of reason to authenticate it. That is, when you browse FreeBSD.org, you'd probably prefer to know that the content wasn't modified in transit to include a 0-day JavaScript exploit. -nd. From owner-freebsd-security@freebsd.org Fri Sep 18 14:07:38 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 119FC9CEEE6 for ; Fri, 18 Sep 2015 14:07:38 +0000 (UTC) (envelope-from ben.bailess@gmail.com) Received: from mail-yk0-x22a.google.com (mail-yk0-x22a.google.com [IPv6:2607:f8b0:4002:c07::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C50711B61 for ; Fri, 18 Sep 2015 14:07:37 +0000 (UTC) (envelope-from ben.bailess@gmail.com) Received: by ykdg206 with SMTP id g206so47366928ykd.1 for ; Fri, 18 Sep 2015 07:07:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=QgXPWmbtE/tZF9Bw6NOwCuZUhLyMINrrSBrp24C93Cw=; b=u7kAiahzz/PoZJ9uxPDXlKuYjXt2vvyRwaLK8VkV8hiGYX6Pios2wtIddpsUJsAyWu AYwMu43qvLiuJ5FXsbTHaSCSYYDQq6DhYAHjwCpTCe9MV9JhD+v+1FA+jn3beZPJFQys wsYlUoixJL1icwP8RaMymo/jv8O0pj9v6JRbRS0T+L1pLV2gyCssn6kkk5nOvu2ESYld SWJM5niZ1vPuEcnJApyo8o6X8ZXJdsKFESs7i1FjxSRwbqKFPpL4inLFJ8kNbi8dA5CI WI15xTl1J327T9OU6F1w8/Qcge7ejX24o54sre4X/XxCQAGVASRpvkI4wEl/nZh10U7C t4ng== MIME-Version: 1.0 X-Received: by 10.129.19.214 with SMTP id 205mr4682025ywt.130.1442585256923; Fri, 18 Sep 2015 07:07:36 -0700 (PDT) Received: by 10.37.119.73 with HTTP; Fri, 18 Sep 2015 07:07:36 -0700 (PDT) In-Reply-To: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> References: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> Date: Fri, 18 Sep 2015 10:07:36 -0400 Message-ID: Subject: Re: HTTPS on freebsd.org, git, reproducible builds From: Ben Bailess To: freebsd-security@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:07:38 -0000 I have to echo this sentiment -- authentication is important, and so is integrity. HTTPS would provide both -- to be sure you're talking to the "real" FreeBSD and give you confidence that your page content has not been altered in transit by a network adversary (e.g. if you are using Tor)*. *I honestly don't see that being a realistic defense against NSA/GCHQ-level attackers, though... the coercive power they have over CAs would probably be the weak point there, in my opinion. HTTPS isn't a magic bullet by any means (which should be obvious), but it's also not worthless and would protect against at least some less-than-TLA-level network adversaries. On Fri, Sep 18, 2015 at 9:30 AM, Walter Hop wrote: > > > >> Is there some reason "freebsd.org" and all it's > >> subdomains don't immediately 302 over to > >> https foreverafter? > > > > Is there a reason to encrypt something that is completely public? > Perhaps to allow the visitor to conceal the fact that they are interested > in FreeBSD? That won't work, since the IP address of the server can't be > encrypted. I feel like I am missing something. > > Privacy is often important, but authentication (i.e. not having content > tampered with) may be more important in many cases. > > The US and UK governments are owning sysadmins who browse non-HTTPS sites= : > > http://www.spiegel.de/international/world/ghcq-targets-engineers-with-fak= e-linkedin-pages-a-932821.html > < > http://www.spiegel.de/international/world/ghcq-targets-engineers-with-fak= e-linkedin-pages-a-932821.html > > > > https://theintercept.com/2014/03/20/inside-nsa-secret-efforts-hunt-hack-s= ystem-administrators/ > < > https://theintercept.com/2014/03/20/inside-nsa-secret-efforts-hunt-hack-s= ystem-administrators/ > > > > The Chinese government hijacked non-HTTPS sessions to inject DDoS > javascript: > > https://www.eff.org/deeplinks/2015/04/china-uses-unencrypted-websites-to-= hijack-browsers-in-github-attack > < > https://www.eff.org/deeplinks/2015/04/china-uses-unencrypted-websites-to-= hijack-browsers-in-github-attack > > > > If often-used sites migrate to HTTPS (together with HSTS) these attacks > will become a lot harder. > > I=E2=80=99m also seeing more demand for HTTPS from customers. In Europe t= here has > been a lot of mainstream coverage of tech privacy issues, and various > non-technical people now distrust sites that don=E2=80=99t have =E2=80=9C= a lock=E2=80=9D. So it > also has credibility/PR benefits to use it by default. > > There is always effort involved in making the switch, but for most sites > and applications this is probably not an unreasonable amount given the > benefits. > > -- > Walter Hop | PGP key: https://lifeforms.nl/pgp > > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g > " > From owner-freebsd-security@freebsd.org Fri Sep 18 14:08:05 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 811B39CEF39; Fri, 18 Sep 2015 14:08:05 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 748181C49; Fri, 18 Sep 2015 14:08:05 +0000 (UTC) (envelope-from marquis@roble.com) Date: Fri, 18 Sep 2015 07:07:59 -0700 (PDT) From: Roger Marquis To: freebsd-security@freebsd.org cc: freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds In-Reply-To: <20150918134659.GB28949@FreeBSD.org> References: <86vbb7dhaa.fsf@nine.des.no> <20150918134659.GB28949@FreeBSD.org> User-Agent: Alpine 2.11 (BSF 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:08:05 -0000 Glen Barber wrote: > In fact, Debian has been kind enough to even provide a page that shows > which parts of the FreeBSD build are non-reproducible. > > https://reproducible.debian.net/freebsd/freebsd.html This issue is one of the reasons secure sites do not use binary packages or freebsd-update. It also illustrates problems admins have when required to buildworld/installworld when all they should need to do is "cd /usr/src/crypro/openssh&&make install" (for example). Does anyone have a link to the archived discussion detailing why this functionality was deprecated? These are good and timely subjects given recently published details of NSA/5 eyes methodologies as well as the issues freebsd security teams were having as recently as a few months ago. Roger Marquis Refs. https://igurublog.wordpress.com/2014/04/08/julian-assange-debian-is-owned-by-the-nsa/ http://www.linuxjournal.com/content/debian-project-aims-keep-cia-our-computers http://www.tedunangst.com/flak/post/reproducible-builds-are-a-waste-of-time From owner-freebsd-security@freebsd.org Fri Sep 18 14:32:36 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B23449CFD00; Fri, 18 Sep 2015 14:32:36 +0000 (UTC) (envelope-from na@rtfm.net) Received: from iad1-shared-relay1.dreamhost.com (iad1-shared-relay1.dreamhost.com [208.113.157.50]) by mx1.freebsd.org (Postfix) with ESMTP id 8BA1F1BFB; Fri, 18 Sep 2015 14:32:36 +0000 (UTC) (envelope-from na@rtfm.net) Received: from cloudburst.dreamhost.com (cloudburst.dreamhost.com [66.33.212.129]) by iad1-shared-relay1.dreamhost.com (Postfix) with ESMTP id 80CF3B40094; Fri, 18 Sep 2015 07:32:35 -0700 (PDT) Received: by cloudburst.dreamhost.com (Postfix, from userid 99172) id 5CAA3260C5F; Fri, 18 Sep 2015 07:32:35 -0700 (PDT) Date: Fri, 18 Sep 2015 10:32:34 -0400 From: Nathan Dorfman To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= Cc: Mark Felder , freebsd-security@freebsd.org, Daniel Feenberg , grarpamp , freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918143233.GA15068@vane> References: <86r3lvdeah.fsf@nine.des.no> <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com> <86k2rnddqk.fsf@nine.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <86k2rnddqk.fsf@nine.des.no> User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:32:36 -0000 On Fri, Sep 18, 2015 at 04:05:39PM +0200, Dag-Erling Smørgrav wrote: > Then again, if you have the means to mount a MITM attack you probably > have the means to get a valid certificate. If you're that paranoid, there's a nice Firefox extension called CertPatrol that will alert you to any changes in the certificate's details, or if you prefer, just the CA chain. Obviously, it won't help you on the first visit -- it's an advanced version of ssh's known_hosts. -nd. > DES > -- > Dag-Erling Smørgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 14:34:37 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F5AC9CFE26; Fri, 18 Sep 2015 14:34:37 +0000 (UTC) (envelope-from na@rtfm.net) Received: from iad1-shared-relay1.dreamhost.com (iad1-shared-relay1.dreamhost.com [208.113.157.50]) by mx1.freebsd.org (Postfix) with ESMTP id 49C361D1C; Fri, 18 Sep 2015 14:34:36 +0000 (UTC) (envelope-from na@rtfm.net) Received: from cloudburst.dreamhost.com (cloudburst.dreamhost.com [66.33.212.129]) by iad1-shared-relay1.dreamhost.com (Postfix) with ESMTP id 6EC83B40079; Fri, 18 Sep 2015 07:34:36 -0700 (PDT) Received: by cloudburst.dreamhost.com (Postfix, from userid 99172) id 2A5DA260C60; Fri, 18 Sep 2015 07:34:36 -0700 (PDT) Date: Fri, 18 Sep 2015 10:34:35 -0400 From: Nathan Dorfman To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918143434.GB15068@vane> References: <86r3lvdeah.fsf@nine.des.no> <1442584818.1834563.387314497.1AD169D2@webmail.messagingengine.com> <86k2rnddqk.fsf@nine.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <86k2rnddqk.fsf@nine.des.no> User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:34:37 -0000 On Fri, Sep 18, 2015 at 04:05:39PM +0200, Dag-Erling Smørgrav wrote: > Then again, if you have the means to mount a MITM attack you probably > have the means to get a valid certificate. If you're that paranoid, there's a nice Firefox extension called CertPatrol that will alert you to any changes in the certificate's details, or if you prefer, just the CA chain. Obviously, it won't help you on the first visit -- it's an advanced version of ssh's known_hosts. -nd. > DES > -- > Dag-Erling Smørgrav - des@des.no From owner-freebsd-security@freebsd.org Fri Sep 18 14:03:43 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 92AB39CEB91; Fri, 18 Sep 2015 14:03:43 +0000 (UTC) (envelope-from wam@hiwaay.net) Received: from fly.hiwaay.net (fly.hiwaay.net [216.180.54.1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5FB731616; Fri, 18 Sep 2015 14:03:42 +0000 (UTC) (envelope-from wam@hiwaay.net) Received: from kabini1.local (dynamic-216-186-213-32.knology.net [216.186.213.32] (may be forged)) (authenticated bits=0) by fly.hiwaay.net (8.13.8/8.13.8/fly) with ESMTP id t8IE3Zbx019177 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Fri, 18 Sep 2015 09:03:36 -0500 Subject: Re: HTTPS on freebsd.org, git, reproducible builds To: freebsd-security@freebsd.org, freebsd-questions@freebsd.org References: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> <1442579551.1810383.387233801.46EBDA6D@webmail.messagingengine.com> <55FC1498.7090902@Plominski.eu> From: "William A. Mahaffey III" Message-ID: <55FC19B7.1010607@hiwaay.net> Date: Fri, 18 Sep 2015 09:09:05 -0453.75 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: <55FC1498.7090902@Plominski.eu> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 18 Sep 2015 17:20:46 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 14:03:43 -0000 On 09/18/15 08:47, Daniel DP. Plominski wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > well, encryption does not cost much, most mobile devices are now fast enough > for IP obfuscation there vpn providers or anonymity networks like Tor > > you should look for "when leaken metadata", customized Firefox > versionslike the "torbundle" package or FreeBSD features such as: > disabled tcp timpstamp, activated net.inet.ip.stealth etc. > > may be that the most information are not critical of freebsd.org > on a page about political commitment, however, twice what you click on > > in the post snowden/nsa area, i think it is not heard now de rigueur, > but should be compulsory > > best regards > Daniel Plominski > Am 18/09/15 um 14:32 schrieb Mark Felder: Where is that 'net.inet.ip.stealth' setting ? I didn't find it in my /etc/defaults/rc.conf file .... [root@kabini1, /etc, 9:09:24am] 347 % grep stealth defaults/rc.conf [root@kabini1, /etc, 9:09:25am] 348 % uname -a FreeBSD kabini1.local 9.3-RELEASE-p24 FreeBSD 9.3-RELEASE-p24 #0: Sat Aug 22 01:54:44 UTC 2015 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 [root@kabini1, /etc, 9:09:27am] 349 % -- William A. Mahaffey III ---------------------------------------------------------------------- "The M1 Garand is without doubt the finest implement of war ever devised by man." -- Gen. George S. Patton Jr. From owner-freebsd-security@freebsd.org Fri Sep 18 17:44:43 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0E0EC9CECF8 for ; Fri, 18 Sep 2015 17:44:43 +0000 (UTC) (envelope-from agh@fastmail.fm) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D0D231547 for ; Fri, 18 Sep 2015 17:44:42 +0000 (UTC) (envelope-from agh@fastmail.fm) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 8680320677; Fri, 18 Sep 2015 13:44:41 -0400 (EDT) Received: from frontend1 ([10.202.2.160]) by compute4.internal (MEProxy); Fri, 18 Sep 2015 13:44:41 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=fastmail.fm; h=cc :content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=JKNG7 sY7QE31CqbSteYJ1M4zPgY=; b=pCl6WOpgC7v97S1vqwkdHb1lmNuc2O21zACNF 1aP/whg2/kxwDefJWgy0il5Vm2zr9+Cla0Kcy9NW2MLh6bh7RcT5aOzFIY1dUmOx njhSlKrgOqH1AIppk+zxfX/etqh37OeVvEiZj60zikhzyMg84LrujuO8a8MemXBJ gzaf9s= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-sasl-enc :x-sasl-enc; s=smtpout; bh=JKNG7sY7QE31CqbSteYJ1M4zPgY=; b=r+FPb CfXDH6CM/r4qY1taWTojvel/KnXK2C4O3GbKLkKpm9AhqE3JfkyZqJEj8tniTmwa fojyPjYDgLfUZsKr0GxvOZAoXLIsxbMBwX0AQStUT4uaFeUcWZW0UJP0LBhtT3/9 FVSRMrgspeykgDEHO9jYA6AHhE+UW5XjFN9Scc= X-Sasl-enc: 5kkBmjzkFp2wZzDHh6bFE7manHYOvIuCbqh6OAHZrZvV 1442598280 Received: from kropotkin.auxio (aux.io [223.252.30.161]) by mail.messagingengine.com (Postfix) with ESMTPA id 1972FC00021; Fri, 18 Sep 2015 13:44:39 -0400 (EDT) Date: Sat, 19 Sep 2015 01:44:36 +0800 From: Alastair Hogge To: "William A. Mahaffey III" Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918174436.GF85844@kropotkin.auxio> References: <1442578892.1807598.387215049.07156D0F@webmail.messagingengine.com> <1442579551.1810383.387233801.46EBDA6D@webmail.messagingengine.com> <55FC1498.7090902@Plominski.eu> <55FC19B7.1010607@hiwaay.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <55FC19B7.1010607@hiwaay.net> User-Agent: Mutt/1.5.24 (2015-08-30) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 17:44:43 -0000 On 2015-09-18 Fri 09:09:05 +0000 William A. Mahaffey III , wrote: > On 09/18/15 08:47, Daniel DP. Plominski wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > well, encryption does not cost much, most mobile devices are now fast enough > > for IP obfuscation there vpn providers or anonymity networks like Tor > > > > you should look for "when leaken metadata", customized Firefox > > versionslike the "torbundle" package or FreeBSD features such as: > > disabled tcp timpstamp, activated net.inet.ip.stealth etc. > > > > may be that the most information are not critical of freebsd.org > > on a page about political commitment, however, twice what you click on > > > > in the post snowden/nsa area, i think it is not heard now de rigueur, > > but should be compulsory > > Where is that 'net.inet.ip.stealth' setting ? I didn't find it in my > /etc/defaults/rc.conf file .... What about: $ sysctl -d net.inet.ip.stealth net.inet.ip.stealth: IP stealth mode, no TTL decrementation on forwarding $ sysctl -d net.inet.ip.random_id net.inet.ip.random_id: Assign random ip_id values Add them to /etc/sysctl.conf To good health -- The liberals can understand everything but people who don't understand them. -- Lenny Bruce From owner-freebsd-security@freebsd.org Fri Sep 18 21:12:05 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03C39A0046F for ; Fri, 18 Sep 2015 21:12:05 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D890E1547 for ; Fri, 18 Sep 2015 21:12:04 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t8ILBvMX028309 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 18 Sep 2015 14:11:57 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t8ILBvvH028308; Fri, 18 Sep 2015 14:11:57 -0700 (PDT) (envelope-from jmg) Date: Fri, 18 Sep 2015 14:11:57 -0700 From: John-Mark Gurney To: Ben Bailess Cc: freebsd-security@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150918211157.GQ33167@funkthat.com> References: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Fri, 18 Sep 2015 14:11:58 -0700 (PDT) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 21:12:05 -0000 Ben Bailess wrote this message on Fri, Sep 18, 2015 at 10:07 -0400: > I have to echo this sentiment -- authentication is important, and so is > integrity. HTTPS would provide both -- to be sure you're talking to the > "real" FreeBSD and give you confidence that your page content has not been > altered in transit by a network adversary (e.g. if you are using Tor)*. > > *I honestly don't see that being a realistic defense against NSA/GCHQ-level > attackers, though... the coercive power they have over CAs would probably > be the weak point there, in my opinion. Then you get projects like certificate pinning and SSL Observatory that helps ensure that the cert that is presented is also presented to others... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-security@freebsd.org Fri Sep 18 22:10:40 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BDB9A9CE590; Fri, 18 Sep 2015 22:10:40 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 847071272; Fri, 18 Sep 2015 22:10:40 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 661BD89C7; Fri, 18 Sep 2015 22:10:36 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 3D2A18363; Sat, 19 Sep 2015 00:10:36 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Slawa Olhovchenkov Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: <86vbb7dhaa.fsf@nine.des.no> <20150918134804.GU3158@zxy.spb.ru> Date: Sat, 19 Sep 2015 00:10:36 +0200 In-Reply-To: <20150918134804.GU3158@zxy.spb.ru> (Slawa Olhovchenkov's message of "Fri, 18 Sep 2015 16:48:04 +0300") Message-ID: <86oagzwf8j.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 22:10:40 -0000 Slawa Olhovchenkov writes: > freebsd-update builds is inreproducible by the freebsd-update-server bug[= s]. freebsd-update will most likely be gone in 11. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Sat Sep 19 00:35:44 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 024F5A03858; Sat, 19 Sep 2015 00:35:44 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id BBB271BD4; Sat, 19 Sep 2015 00:35:43 +0000 (UTC) (envelope-from des@des.no) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 4B3EA8A7F; Sat, 19 Sep 2015 00:35:42 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 1B7DE8383; Sat, 19 Sep 2015 02:35:42 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Roger Marquis Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds References: <86vbb7dhaa.fsf@nine.des.no> <20150918134659.GB28949@FreeBSD.org> <20150918140821.62C8885B8@smtp.des.no> Date: Sat, 19 Sep 2015 02:35:42 +0200 In-Reply-To: <20150918140821.62C8885B8@smtp.des.no> (Roger Marquis's message of "Fri, 18 Sep 2015 07:07:59 -0700 (PDT)") Message-ID: <86fv2bw8ip.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 00:35:44 -0000 Roger Marquis writes: > This issue is one of the reasons secure sites do not use binary packages > or freebsd-update. It also illustrates problems admins have when > required to buildworld/installworld when all they should need to do is > "cd /usr/src/crypro/openssh&&make install" (for example). Does anyone > have a link to the archived discussion detailing why this functionality > was deprecated? It has not been deprecated. If you're referring upgrading instructions in security advisories etc., they generally just say "build and install world" because providing precise instructions for an incremental rebuild would require much more work on secteam's part, and there would be a significant risk of error both on secteam's and the user's part. Here's the correct sequence for OpenSSH: # cd /usr/src/secure # for d in lib/libssh */s* ; do (cd $d && make cleandir && make obj && make= depend all install) ; done # service sshd restart DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@freebsd.org Sat Sep 19 00:37:16 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D95B0A039BC for ; Sat, 19 Sep 2015 00:37:16 +0000 (UTC) (envelope-from brett@lariat.org) Received: from mail.lariat.net (mail.lariat.net [66.62.230.51]) by mx1.freebsd.org (Postfix) with ESMTP id 7B4851D8C for ; Sat, 19 Sep 2015 00:37:16 +0000 (UTC) (envelope-from brett@lariat.org) Received: from Toshi.lariat.org (IDENT:ppp1000.lariat.net@localhost [127.0.0.1]) by mail.lariat.net (8.9.3/8.9.3) with ESMTP id IAA15072; Fri, 18 Sep 2015 08:44:33 -0600 (MDT) Message-Id: <201509181444.IAA15072@mail.lariat.net> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Fri, 18 Sep 2015 08:44:04 -0600 To: Ben Bailess , freebsd-security@freebsd.org From: Brett Glass Subject: Re: HTTPS on freebsd.org, git, reproducible builds In-Reply-To: References: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 00:37:16 -0000 At 08:07 AM 9/18/2015, Ben Bailess wrote: >I have to echo this sentiment -- authentication is important, and so is >integrity. HTTPS would provide both -- to be sure you're talking to the >"real" FreeBSD and give you confidence that your page content has not been >altered in transit by a network adversary (e.g. if you are using Tor)*. I'd mainly be concerned about downloads of distros or updates being tampered with. Worms are appearing that infect not only PCs but also routers (e.g. the "Moon" worm, which affected most Linksys models available at the time), setting up a perfect scenario for an MITM attack that could substitute an infected file AND a forged checksum for the originals. If an HTTPS download site were available, I would absolutely prefer it to an HTTP one. Just my $0.02 USD. --Brett Glass From owner-freebsd-security@freebsd.org Sat Sep 19 03:48:34 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C02F8A0358B for ; Sat, 19 Sep 2015 03:48:34 +0000 (UTC) (envelope-from milios@ccsys.com) Received: from cargobay.net (cargobay.net [198.178.123.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 822C71440 for ; Sat, 19 Sep 2015 03:48:34 +0000 (UTC) (envelope-from milios@ccsys.com) Received: from [192.168.0.4] (cblmdm72-240-160-19.buckeyecom.net [72.240.160.19]) by cargobay.net (Postfix) with ESMTPSA id 477BEB53; Sat, 19 Sep 2015 03:43:24 +0000 (UTC) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: HTTPS on freebsd.org, git, reproducible builds From: "Chad J. Milios" X-Mailer: iPhone Mail (13A344) In-Reply-To: <201509181444.IAA15072@mail.lariat.net> Date: Fri, 18 Sep 2015 23:48:27 -0400 Cc: Ben Bailess , freebsd-security@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> <201509181444.IAA15072@mail.lariat.net> To: Brett Glass X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 03:48:34 -0000 > On Sep 18, 2015, at 10:44 AM, Brett Glass wrote: >=20 > At 08:07 AM 9/18/2015, Ben Bailess wrote: >=20 >> I have to echo this sentiment -- authentication is important, and so is >> integrity. HTTPS would provide both -- to be sure you're talking to the >> "real" FreeBSD and give you confidence that your page content has not bee= n >> altered in transit by a network adversary (e.g. if you are using Tor)*. >=20 > I'd mainly be concerned about downloads of distros or updates being > tampered with. Worms are appearing that infect not only PCs but also > routers (e.g. the "Moon" worm, which affected most Linksys models availabl= e > at the time), setting up a perfect scenario for an MITM attack that could > substitute an infected file AND a forged checksum for the originals. If > an HTTPS download site were available, I would absolutely prefer it to > an HTTP one. Just my $0.02 USD. >=20 > --Brett Glass=20 We have HTTPS and its benefits even if you've downloaded via insecure FTP. S= ee https://www.freebsd.org/releases/10.2R/CHECKSUM.SHA256-FreeBSD-10.2-RELEA= SE-amd64.asc and the rest of the links found on https://www.freebsd.org/rele= ases/10.2R/signatures.html or https://www.freebsd.org/releases/9.3R/signatur= es.html How did this topic of the conversation start? Because http://freebsd.org doe= sn't issue a redirect to https://? Such a thing does not increase security, i= t only obscures the fact the user came in through http. HSTS, HPKP and even D= ANE are all non-solutions to this and related problems, or half-solutions at= best, if you ask me. Beyond the quasi-security of HTTPS more important is the security we get fro= m PGP with its web of trust as well as the multitude of public key servers i= n various jurisdictions worldwide. If security is what you're after, diligence will always be part of the cost.= I'm not against the layering of additional security, but to believe HTTPS i= s a one stop security shop, a silver bullet for confidentiality or integrity= , is a complacent mindset. I may be missing the boat as to the concerns you're having. I don't purport t= o know the ins and outs of freebsd-update or the binary pkg repos since, bes= ides the occasional download of a full release ISO, I've been building all e= lse from source for a long time and I'm stuck in my ways. I will say this though: I can't seem to find the svn server key fingerprints= signed by anything [useful] (even if you count the FreeBSD web site) becaus= e I only find the web servers' keys signed by a random one of the thousands o= f [as far as I'm concerned, untrustworthy] certificate authorities. I see me= rit in additionally having a secteam PGP signature over all fingerprints of r= elevant https keys in use, made available at a convenient location, even if i= t's only at the very web servers it's signing.=20 The secteam's public PGP key has proliferated across the globe for many year= s now and it's next to impossible to replace that without raising the alarm o= f someone exercising a modicum of diligence. HTTPS on the other hand, how it= is implemented and typically used, will betray you right under your nose an= d mislead you right to your face. You need both of course because without HT= TPS (or TLS in general and really the hierarchy of anointed CAs) you can't t= alk to any PGP key severs with any reasonable assurance. You really should get the secteam's PGP key and assure it's identical from a= s many varied sources as is prudent for your threat model. It's best to veri= fy a multitude of sources while also varying your own perspective as much as= possible over space (i.e. network), time, chosen hardware, chosen software,= etc.= From owner-freebsd-security@freebsd.org Sat Sep 19 08:21:31 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1C94B9CEF39 for ; Sat, 19 Sep 2015 08:21:31 +0000 (UTC) (envelope-from dan@obluda.cz) Received: from smtp1.ms.mff.cuni.cz (smtp1.ms.mff.cuni.cz [IPv6:2001:718:1e03:801::4]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ACF5B1EA8 for ; Sat, 19 Sep 2015 08:21:30 +0000 (UTC) (envelope-from dan@obluda.cz) X-SubmittedBy: id 100000045929 subject /C=CZ/O=Univerzita+20Karlova+20v+20Praze/CN=Dan+20Lukes/unstructuredName=100000045929 issued by /C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA+20Personal+20CA+202 auth type TLS.MFF Received: from [100.81.119.126] (ip-37-188-128-130.eurotel.cz [37.188.128.130]) (authenticated) by smtp1.ms.mff.cuni.cz (8.14.9/8.14.9) with ESMTP id t8J8LGAo057806 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=OK) for ; Sat, 19 Sep 2015 10:21:26 +0200 (CEST) (envelope-from dan@obluda.cz) Subject: Re: HTTPS on freebsd.org, git, reproducible builds To: freebsd-security References: <7BAECC2B-5001-47D6-9199-8549697E7807@spam.lifeforms.nl> <201509181444.IAA15072@mail.lariat.net> From: Dan Lukes Message-ID: <55FD1AF6.6040106@obluda.cz> Date: Sat, 19 Sep 2015 10:21:10 +0200 User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Firefox/38.0 SeaMonkey/2.35 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 08:21:31 -0000 Chad J. Milios wrote: > How did this topic of the conversation start? Because http://freebsd.org doesn't issue a redirect to https://? Such a thing does not increase security I'm against automatic redirection as well. If someone prefer https then he can use it just now. If someone can't use https or doesn't prefer it, then he can use https. I see nothing positive to force https regardless the users preference. According binary distribution - I would like prefer a validation mechanism independent from particular transport protocol. E.g. a signature. In such case even FTP can be used. Just my $0.02 Dan From owner-freebsd-security@freebsd.org Sat Sep 19 12:50:02 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3C750A0541D; Sat, 19 Sep 2015 12:50:02 +0000 (UTC) (envelope-from marck@rinet.ru) Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B361714CA; Sat, 19 Sep 2015 12:50:01 +0000 (UTC) (envelope-from marck@rinet.ru) Received: from localhost (localhost [127.0.0.1]) by woozle.rinet.ru (8.14.5/8.14.5) with ESMTP id t8JCiAVV057206; Sat, 19 Sep 2015 15:44:10 +0300 (MSK) (envelope-from marck@rinet.ru) Date: Sat, 19 Sep 2015 15:44:10 +0300 (MSK) From: Dmitry Morozovsky To: =?ISO-8859-15?Q?Dag-Erling_Sm=F8rgrav?= cc: Slawa Olhovchenkov , freebsd-security@freebsd.org, grarpamp , freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds In-Reply-To: <86oagzwf8j.fsf@nine.des.no> Message-ID: References: <86vbb7dhaa.fsf@nine.des.no> <20150918134804.GU3158@zxy.spb.ru> <86oagzwf8j.fsf@nine.des.no> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) X-NCC-RegID: ru.rinet X-OpenPGP-Key-ID: 6B691B03 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (woozle.rinet.ru [0.0.0.0]); Sat, 19 Sep 2015 15:44:11 +0300 (MSK) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 12:50:02 -0000 Dag-Erling, On Sat, 19 Sep 2015, Dag-Erling Sm?rgrav wrote: > > freebsd-update builds is inreproducible by the freebsd-update-server bug[s]. > > freebsd-update will most likely be gone in 11. Are there any published plans available? Thanks! -- Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] [ FreeBSD committer: marck@FreeBSD.org ] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ From owner-freebsd-security@freebsd.org Sat Sep 19 12:50:28 2015 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4E02AA05525; Sat, 19 Sep 2015 12:50:28 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from zxy.spb.ru (zxy.spb.ru [195.70.199.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A64817BE; Sat, 19 Sep 2015 12:50:28 +0000 (UTC) (envelope-from slw@zxy.spb.ru) Received: from slw by zxy.spb.ru with local (Exim 4.84 (FreeBSD)) (envelope-from ) id 1ZdHax-000EMK-Bq; Sat, 19 Sep 2015 15:50:23 +0300 Date: Sat, 19 Sep 2015 15:50:23 +0300 From: Slawa Olhovchenkov To: Dag-Erling =?koi8-r?Q?Smorgrav?= Cc: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: HTTPS on freebsd.org, git, reproducible builds Message-ID: <20150919125023.GA21849@zxy.spb.ru> References: <86vbb7dhaa.fsf@nine.des.no> <20150918134804.GU3158@zxy.spb.ru> <86oagzwf8j.fsf@nine.des.no> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <86oagzwf8j.fsf@nine.des.no> User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: slw@zxy.spb.ru X-SA-Exim-Scanned: No (on zxy.spb.ru); SAEximRunCond expanded to false X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 12:50:28 -0000 On Sat, Sep 19, 2015 at 12:10:36AM +0200, Dag-Erling Smorgrav wrote: > Slawa Olhovchenkov writes: > > freebsd-update builds is inreproducible by the freebsd-update-server bug[s]. > > freebsd-update will most likely be gone in 11. What is planed for replacement?