Date: Tue, 30 Sep 2014 22:49:24 -0400
From: Glen Barber <gjb@FreeBSD.org>
To: beeessdee@ruggedinbox.com
Cc: freebsd-stable@freebsd.org
Subject: Re: svn repo verification (Re: FreeBSD 10.1-BETA3 Now Available)
Message-ID: <20141001024924.GX1275@hub.FreeBSD.org>
In-Reply-To: <f3fcd61828fdbe94f7ede7d0de13d2c8.squirrel@s4bysmmsnraf7eut.onion>
References: <20140928155118.GA75063@hub.FreeBSD.org> <fe17030e3efeefb5dfa800b46ee181d9.squirrel@s4bysmmsnraf7eut.onion> <20140929025102.GH75063@hub.FreeBSD.org> <20140929031120.GI75063@hub.FreeBSD.org> <ebef3a6c539a7be6d6a953b1a0278049.squirrel@s4bysmmsnraf7eut.onion> <20140929121648.GL75063@hub.FreeBSD.org> <f3fcd61828fdbe94f7ede7d0de13d2c8.squirrel@s4bysmmsnraf7eut.onion>
On Wed, Oct 01, 2014 at 04:18:23AM +0200, beeessdee@ruggedinbox.com wrote:
> On Mon, September 29, 2014 2:16 pm, "Glen Barber" <gjb@FreeBSD.org> wrote:
> > I don't understand what you mean.  We have a verifiable audit trail - it
> > is all in svn revision history.
>
> By this I mean a cryptographic hash chain and signed commits. svn revision
> history is an audit trail, but not a *verifiable* audit trail.
>

Well, audit trail is why we no longer use CVS.

> Are there such things in svn metadata? I did not find any. If yes, this
> should be documented in the Handbook (and how to use it).
>

No, there isn't.

> Important because:
>
> * Data at rest in the repository, protected from intrusion or the insider
> attack.
>

Even "insiders" do not have login access directly to svn.

> * Data in transit on the wire is not protected by the svn protocol (except
> for persons with ssh access).
>

svn+https.  It is in the Handbook.

> * Every person, everywhere should be able to confirm that the downloaded
> commit history is exactly equal bit-for-bit to what you (gjb@), Core Team,
> re@ have on their machines!
>

I don't quite follow what the core team has to do with this, to be
honest...  But you can confirm the history.  Check out the repository
via svn+https from one of the mirrors we say are official.  It, too, is
in the Handbook.

> An obscure change (the classic example: "if(uid==0)" to "if(uid=0)") in a
> critical piece, even 100.000 commits old, should be easily detectable by
> anyone.
>

I fail to see the relevance here.

> The commit bit should have attached a requirement of signing the commits.
>

SVN doesn't work that way, and no, I will not entertain the "but $foo VCS
does" conversation, which at best, is far outside the scope of a
10.1-BETA announcement email.
Glen

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJUK2u0AAoJEAMUWKVHj+KTTLEP+wYqo99GFHylsaiGzBVihVv9
SpvSfhrLbnXIPibOFsibDWeS5TvgDDCeL/9Kx2b/2bmd+arOAKWYhry+XuSvLiEl
osgPjxqkMvtPYDhyj7uDQO5XsUqNOo1fJR8C8EfNEU2GnPODAqpkWoB6Vq5rUpS2
u4mOGe0V5Klntg+bcBCo8oeR7NXfQPxN8mKVcw4/AE9XaTdxcLcGRsXUQwfn/Itf
hnm4y1LkKfG/5rwyZoR6p4VlMeH9PE8OkslS71CY91Xo2tZ4buTO6VanCbW9YCf/
CZj9rjaZGB69gzYQq5S2Hm1rCKK+8sRaY8+SRbpCY1JdTnqc+aZAcoWg0tCAylmz
+6ZJLsntR47rHfqIyGFbJMTYt45fA9T6bkuQxGHvyxhkTKIJMUGDOkHxECPVfQNj
AKgkNME5jBH361s9F1s63IJn09LHUwge975i7+6q1alWa90HTIiUEAWgS0aPVrUw
rEYZPv2ET22YLjgCoXbXO8A3MNo4FhkER37eQ83mLZcJTjpZJubcXJQFqEv/9alJ
llhKX1VpDG6EVxoyOHopmiVdXW1IDqArhBZHllNnNO9SLuSUbZXq9hlkiPkIDzfD
WYqnLTIg6xWL5PaZX6fwJXRVwomfeOtH5f839xm3NSfvFcaAvRcsKIC4YR9FP9QI
bxy0VML+RkbMKue2xCrh
=4ksk
-----END PGP SIGNATURE-----
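The thread turns on the difference between an audit trail (a sequential revision log) and a verifiable one (a hash chain whose head is signed), and on whether an altered old revision such as "if(uid==0)" becoming "if(uid=0)" would be detectable. The following Python is an added example, not code from the thread, FreeBSD or Subversion: it builds a hash chain over a constructed three-revision history, shows that a contiguous revision-number check passes even after an old revision is altered, and that the chain pinpoints the altered revision. The genesis digest, the sample commits and the key are constructed for the example, and HMAC stands in for a maintainer's public-key signature so the block runs offline.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Parent digest of the first revision; an arbitrary constant chosen for this example.
GENESIS = b"\x00" * 32


@dataclass(frozen=True)
class Commit:
    rev: int
    author: str
    message: str
    content: bytes  # the revision's change (constructed patch text)


def commit_digest(commit: Commit, parent_digest: bytes) -> bytes:
    """Digest of one revision, bound to its predecessor's digest.

    Each field is length-prefixed so that fields cannot be shifted into
    one another to produce the same digest from different data."""
    h = hashlib.sha256()
    h.update(parent_digest)
    for field in (str(commit.rev).encode(), commit.author.encode(),
                  commit.message.encode(), commit.content):
        h.update(len(field).to_bytes(4, "big"))
        h.update(field)
    return h.digest()


def build_chain(history):
    """Per-revision digests; digests[i] commits to revisions 0..i inclusive."""
    digests, parent = [], GENESIS
    for commit in history:
        parent = commit_digest(commit, parent)
        digests.append(parent)
    return digests


def svn_style_check(history) -> bool:
    """All a plain revision log offers: the numbers are contiguous."""
    return [c.rev for c in history] == list(range(len(history)))


def verify_head(history, trusted_head: bytes) -> bool:
    """Recompute the whole chain and compare only the published head digest."""
    return hmac.compare_digest(build_chain(history)[-1], trusted_head)


def first_divergence(history, trusted_digests):
    """Index of the first revision whose digest differs from the trusted
    per-revision list, or None when the history matches throughout."""
    for i, (got, want) in enumerate(zip(build_chain(history), trusted_digests)):
        if not hmac.compare_digest(got, want):
            return i
    return None


# HMAC stands in for a public-key signature so the example runs offline;
# a real deployment would sign the head digest with a maintainer's key.
def sign_head(head: bytes, key: bytes) -> bytes:
    return hmac.new(key, head, hashlib.sha256).digest()


def verify_signed_head(history, signature: bytes, key: bytes) -> bool:
    expected = sign_head(build_chain(history)[-1], key)
    return hmac.compare_digest(expected, signature)


# Constructed sample history: a privilege check lands in revision 1.
HISTORY = [
    Commit(0, "alice", "initial import", b"+int main(void) { return 0; }\n"),
    Commit(1, "bob", "add root check", b"+if (uid == 0) { grant(); }\n"),
    Commit(2, "alice", "unrelated cleanup", b"+/* tidy */\n"),
]
TRUSTED_DIGESTS = build_chain(HISTORY)  # what a maintainer would publish
TRUSTED_HEAD = TRUSTED_DIGESTS[-1]


def tampered_history():
    """The same history with the old revision quietly changed from == to =."""
    h = list(HISTORY)
    h[1] = Commit(1, "bob", "add root check", b"+if (uid = 0) { grant(); }\n")
    return h


def demo():
    bad = tampered_history()
    return {
        "svn_style_passes_anyway": svn_style_check(bad),
        "head_matches": verify_head(bad, TRUSTED_HEAD),
        "first_bad_rev": first_divergence(bad, TRUSTED_DIGESTS),
    }


if __name__ == "__main__":
    print(demo())
```

Checking only the head digest tells a verifier that something in the history changed; localising the change requires the per-revision digests, which is why the example keeps both. The signature over the head is what turns a chain anyone could recompute into one that is tied to a particular maintainer.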