Date: Sat, 12 Apr 2014 08:26:53 -0800 From: Royce Williams <royce@tycho.org> To: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: MITM attacks against portsnap and freebsd-update Message-ID: <CA%2BE3k92BUx6T4Uic99ASrp8UP9C3oPvcK05dQFH11eO8Y5WK_Q@mail.gmail.com> In-Reply-To: <CAFHbX1JwqR2mGDtruo5r2XHTxw2JDeC64fMYKRtH3syggWNUaw@mail.gmail.com> References: <CAHAXwYCGkP-o0VvMXj5S8-KNA45aTvy%2BsrjDL_=8-x9Dza5z5Q@mail.gmail.com> <534932A8.6040801@gmx.com> <CAFHbX1JwqR2mGDtruo5r2XHTxw2JDeC64fMYKRtH3syggWNUaw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Apr 12, 2014 at 8:06 AM, Tom Evans <tevans.uk@googlemail.com> wrote: [snip] > issues to solve there. In a non license constrained world, the problem > of "how do I replicate these files from here to there" is universally > solved by rsync. Would a freebsd-update tool that required the rsync Don't portsnap and freebsd-update use cryptographic signing as well? When used to update software, signing seems like a big win over vanilla rsync. Royce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BE3k92BUx6T4Uic99ASrp8UP9C3oPvcK05dQFH11eO8Y5WK_Q>