From owner-freebsd-hubs@FreeBSD.ORG  Sat Nov 17 21:48:14 2012
Return-Path: <owner-freebsd-hubs@FreeBSD.ORG>
Delivered-To: freebsd-hubs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 9F530833;
 Sat, 17 Nov 2012 21:48:14 +0000 (UTC)
 (envelope-from utisoft@gmail.com)
Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com
 [209.85.214.54])
 by mx1.freebsd.org (Postfix) with ESMTP id 9A2A58FC13;
 Sat, 17 Nov 2012 21:48:13 +0000 (UTC)
Received: by mail-bk0-f54.google.com with SMTP id je9so746518bkc.13
 for <multiple recipients>; Sat, 17 Nov 2012 13:48:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=zVm6H1t6+8pxu6Rn839ytG3Zuz6aGPPx7U0hDdKh1L8=;
 b=MEIITNZTx9aiexLQ4ng+Kg0bVo+CBtW+dyZfHsRcqpwa603nJeifjbhlS2drIjqmLi
 lmj4HClW1NRj8ho0nZhW9NI/NJvsJB0+s8F5e0jhtTd03lQ7HSfadxglTJLf4QZq4MB9
 t7kx+0Tu5khdzfoBYNaGzz5cayJ5yEFVlbkFfAa3KRAtaW8uVPsCEWN7mW8mZi+ATFAW
 mX46qmoQ8cfwPiqrrBgZ8c/BTuENZTuL/bT7vlluIIhhqnKbxrP+TrIL5BnjVsmBr5YO
 KNcqn41BzS4ULkQApvjNEYs59qdUWs18/RV8H+s9eRTQtRaVQp/m7UfkuLiEzJB50Kil
 3jTA==
MIME-Version: 1.0
Received: by 10.204.147.212 with SMTP id m20mr3357386bkv.103.1353188891384;
 Sat, 17 Nov 2012 13:48:11 -0800 (PST)
Received: by 10.204.50.197 with HTTP; Sat, 17 Nov 2012 13:48:11 -0800 (PST)
Received: by 10.204.50.197 with HTTP; Sat, 17 Nov 2012 13:48:11 -0800 (PST)
In-Reply-To: <op.wnxq9eo0g7njmm@michael-think>
References: <CAD2Ti29UoFcHendR8CcdQ4FPNW1HH0O47B1i3JW00Lke2m2POg@mail.gmail.com>
 <20121117221143.41c29ba2@nonamehost>
 <op.wnxq9eo0g7njmm@michael-think>
Date: Sat, 17 Nov 2012 21:48:11 +0000
Message-ID: <CADLo838oG26KmfHJ+tLh82GoJzzRtfqy69+Nny1_DC8F8X4POQ@mail.gmail.com>
Subject: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]
From: Chris Rees <utisoft@gmail.com>
To: Michael Ross <gmx@ross.cx>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
Cc: Ivan Klymenko <fidaj@ukr.net>, freebsd-hackers@freebsd.org,
 freebsd-hubs@freebsd.org, freebsd-questions@freebsd.org,
 freebsd-security@freebsd.org, grarpamp <grarpamp@gmail.com>
X-BeenThere: freebsd-hubs@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "FreeBSD Distributions Hubs: mail sup ftp" <freebsd-hubs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hubs>,
 <mailto:freebsd-hubs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hubs>
List-Post: <mailto:freebsd-hubs@freebsd.org>
List-Help: <mailto:freebsd-hubs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hubs>,
 <mailto:freebsd-hubs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Nov 2012 21:48:15 -0000

On 17 Nov 2012 21:00, "Michael Ross" <gmx@ross.cx> wrote:
>
> On Sat, 17 Nov 2012 21:11:43 +0100, Ivan Klymenko <fidaj@ukr.net> wrote:
>
>> =D0=92 Sat, 17 Nov 2012 15:00:06 -0500
>> grarpamp <grarpamp@gmail.com> =D0=BF=D0=B8=D1=88=D0=B5=D1=82:
>>
>>> http://www.freebsd.org/news/2012-compromise.html
>>>
http://it.slashdot.org/story/12/11/17/143219/freebsd-project-discloses-secu=
rity-breach-via-stolen-ssh-key
>>>
>>> This is not about this incident, but about why major opensource
>>> projects need to be using a repository that has traceable, verifiable,
>>> built-in cryptographic authentication.
>>>
>
>> LOL And how will this help Linux?
>> http://lwn.net/Articles/457142/
>
>
> In the first comment on the article you link to, you find this:
>
>
http://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cra=
cking-of-kernelorg
>
> where the OPs view is susbstantiated.

Yes, but git doesn't work with our workflow.  It's been discussed several
times, and changing to a tool that doesn't work for us (and is GPL btw) is
no good at all.

Chris