From owner-freebsd-questions@freebsd.org Wed Jan 20 23:11:37 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B7C8CA8B127 for ; Wed, 20 Jan 2016 23:11:37 +0000 (UTC) (envelope-from mfv@bway.net) Received: from smtp1.bway.net (smtp1.bway.net [216.220.96.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 92C9310C2; Wed, 20 Jan 2016 23:11:37 +0000 (UTC) (envelope-from mfv@bway.net) Received: from gecko4 (host-216-220-115-31.dsl.bway.net [216.220.115.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m1316v@bway.net) by smtp1.bway.net (Postfix) with ESMTPSA id E21EB95861; Wed, 20 Jan 2016 18:11:29 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bway.net; s=mail; t=1453331490; bh=zmOdEp5U++b+3BwsC4vR/RZfIXNq1zzRlRxEIbUD6/w=; h=Date:From:To:Cc:Subject:In-Reply-To:References:Reply-To; b=fVE4o0ZxT6qQmSNz7SxaCAsJO5cg0lpq3BKa3da/tfb5CnqG8gPn1FvsnfAFV+0IR R6wzzrNi93JKNVaOjI+t92kDeHpj5Sqeh5JUuue14yBT1rzB1w8uU9s5MQHl5smg5d /9eFAw7c/QSKiNY37QgoTsI9JEu5AFmYqHgEWD70= Date: Wed, 20 Jan 2016 18:11:29 -0500 From: mfv To: Anton Sayetsky Cc: Matthew Seaman , FreeBSD Questions Subject: Re: Downloading 10.2-RELEASE-p10 source without prayer Message-ID: <20160120181129.08eedbbc@gecko4> In-Reply-To: References: <569F4344.5020907@FreeBSD.org> <20160120115808.6133c482@gecko4> <569FC320.1080906@freebsd.org> Reply-To: mfv@bway.net MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jan 2016 23:11:37 -0000 > On Wed, 2016-01-20 at 20:30 Anton Sayetsky > wrote: > >20 =D1=8F=D0=BD=D0=B2. 2016 =D0=B3. 19:26 =D0=BF=D0=BE=D0=BB=D1=8C=D0=B7= =D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8C "Matthew Seaman" > =D0=BD=D0=B0=D0=BF=D0=B8=D1=81=D0=B0=D0=BB: >> You will need to check the cert -- svn will ask you about it the >> first =20 >time you connect. >AFAIK, the official way for now is installing security/ca_root_nss. >_______________________________________________ >freebsd-questions@freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"freebsd-questions-unsubscribe@freebsd.org" Hello Anton, Thanks for your reply. Yes, the official way is to install security/ca_root_nss. According to the handbook: https://www.freebsd.org/doc/handbook/svn.html After reading Matthew's reply and the handbook I kept the protocol for svnup at https, the default, which AFAIK, is the slightly more secure option at a slight loss of speed. As of date, ca_root_nss is not required by svnup so a user will have to specifically install it, if some other program has not pulled it in as a dependency. I do not know how ca_root_nss works but will save that for another day. Right now, it just works, without any intervention on my part. Kudos to the developers. This message is meant as a note for the record in case anybody else has a similar situation or concern. Cheers ... Marek