From owner-freebsd-questions@freebsd.org  Fri Oct  4 17:22:53 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B7DD3133F33;
 Fri,  4 Oct 2019 17:22:53 +0000 (UTC)
 (envelope-from mozolevsky@gmail.com)
Received: from mail-oi1-f196.google.com (mail-oi1-f196.google.com
 [209.85.167.196])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 46lGsm6nWxz4bcn;
 Fri,  4 Oct 2019 17:22:52 +0000 (UTC)
 (envelope-from mozolevsky@gmail.com)
Received: by mail-oi1-f196.google.com with SMTP id m16so6427466oic.5;
 Fri, 04 Oct 2019 10:22:52 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc;
 bh=41wyONT/jCdqrWpuHx9S2fZxmUxyz8x4I6gNx8g+wDY=;
 b=QfBonVy4g/NBdC/cabH+29DxmW65GmPbYT4Hd93kAKZJLNGSxfceglOq8+WWiD95jL
 lGx1SfYJ6QLUPaqj7A+hqyV4AfD2GOkLqu2xdW7BaDqv2ubLIlyOvqvbei29CXP9Ha3I
 r/hXvuwgaWn4IHoTLHHXdHKCBk7oly0SP0tMceQEEb9X1txzRNGgrVWN/2rh4uVaQIZ+
 OV2LPs9KMcPGTBposm67tTSzHd/gFabuKfmJOeYmdKPFwXH0MnyzpBsKDu3fFHk4DuND
 BvNKh4pA6zEkjOWIs3MU6qBh5+8hd5j/Hljr2bJp1VedECHgCtPMl+FjAC8lDl5hmXUi
 s40Q==
X-Gm-Message-State: APjAAAU2zlk2oEbVg+BN9hp01HEzOI8OC1L015xhL6QCMLToSlA9Tv/B
 zWVNpCieK2fGgUr1LjYfnkgBhzbFodE/exvVTw0=
X-Google-Smtp-Source: APXvYqxvmFiP1WFGsjumxxVTM8b2C+Xrs/aEMpKFzP+ffmovWHhci+pq4iFK8R/58EWaCUfPyAL7a4PQSv237JoKkoY=
X-Received: by 2002:aca:304b:: with SMTP id w72mr7731009oiw.126.1570209771415; 
 Fri, 04 Oct 2019 10:22:51 -0700 (PDT)
MIME-Version: 1.0
References: <CAD2Ti2_p0Yq4VBGMnzxfJABaV94D4a0vsVMuAGgQn6Cm06p+_w@mail.gmail.com>
 <CAD2Ti28X=VMM=oHzFWBJ8b73dT9T4Wi-5ytrBSKBcj4X3Wfn7Q@mail.gmail.com>
In-Reply-To: <CAD2Ti28X=VMM=oHzFWBJ8b73dT9T4Wi-5ytrBSKBcj4X3Wfn7Q@mail.gmail.com>
From: Igor Mozolevsky <igor@hybrid-lab.co.uk>
Date: Fri, 4 Oct 2019 18:22:15 +0100
Message-ID: <CADWvR2hTvuKnjANQjt0QbXLbYTmjc1PuFW20qWVweyuXZsVo5g@mail.gmail.com>
Subject: Re: Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based
To: grarpamp <grarpamp@gmail.com>
Cc: freebsd security <freebsd-security@freebsd.org>, 
 Hackers freeBSD <freebsd-hackers@freebsd.org>, freebsd-questions@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 46lGsm6nWxz4bcn
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=pass (mx1.freebsd.org: domain of mozolevsky@gmail.com designates
 209.85.167.196 as permitted sender) smtp.mailfrom=mozolevsky@gmail.com
X-Spamd-Result: default: False [-3.09 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[];
 RCPT_COUNT_THREE(0.00)[4];
 R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[hybrid-lab.co.uk];
 TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[196.167.85.209.list.dnswl.org : 127.0.5.0];
 IP_SCORE(-1.09)[ipnet: 209.85.128.0/17(-3.27), asn: 15169(-2.16), country:
 US(-0.05)]; 
 FORGED_SENDER(0.30)[igor@hybrid-lab.co.uk,mozolevsky@gmail.com];
 FREEMAIL_TO(0.00)[gmail.com];
 RWL_MAILSPIKE_POSSIBLE(0.00)[196.167.85.209.rep.mailspike.net : 127.0.0.17];
 R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US];
 FROM_NEQ_ENVFROM(0.00)[igor@hybrid-lab.co.uk,mozolevsky@gmail.com];
 RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Oct 2019 17:22:53 -0000

On Fri, 20 Sep 2019 at 22:01, grarpamp <grarpamp@gmail.com> wrote:
>
> For consideration...
>
> SVN really may not offer much in the way of native
> internal self authenticating repo to cryptographic levels
> of security against bitrot, transit corruption and repo ops,
> external physical editing, have much signing options, etc.
> Similar to blockchain and ZFS hash merkle-ization,
> signing the repo init and later points tags commits,
> along with full verification toolset, is useful function.


<snip>

Isn't UNIX(TM) philosophy that a program should do one thing and do it
well? Just because people can't be bothered to learn to use multiple
tools to do *multiple* tasks on the same dataset, is not a reason, let
alone "the reason," to increase any program complexity to orders of
N^M^K^L so that one "foo checkout" does all the things one wants!


Incidentally, how does that saying go, if you think "crypto" is the
solution to your problem, then ... (I'm slightly paraphrasing, of
course). When crypto invalidates a repo, how would it be different
from seeing non ASCII characters in plain ASCII files, or sudden
refusal to compile---one way or another you'd still need to restore
from BACKUP, hence crypto IS NOT a substitute for good data keeping
practices.

Also, what empirical data do you have for repo bitrot/transit
corruption that is NOT caught by underlying media?


-- 
Igor M.