Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 6 Jan 2009 01:04:26 -0800
From:      Tait <>
Subject:   Re: Foiling MITM attacks on source and ports trees
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> > Unless designed carefully, there will be substantial logistical
> > problems to maintaining such lists of signatures.
> ...
> > You can then verify the correctness of what's on your disk ...
> The idea is that one needs to get this public key only once
> ...
> IMHO, this could or should take place at the subversion server itself.

This problem has already been solved in the form of Git*. Now whether
FreeBSD can/will migrate to Git or an equivalent for version control is
another question. The security benefits would result even if a trusted
person (the FreeBSD security team, maybe?) maintained a git mirror of
the CVS/Subversion/Whatever repository.

Git avoids the issue of versioned lists of signatures by simply making
the version history of the repository an unbroken chain. If any link
in history is changed, the sha1 checksums no longer compute. By simply
verifying a sha1 hash, you can be assured (at least, as assured as [that
implementation of] sha1 can make you feel) that the files at that point
in time and all their prior history are exactly the same on your computer
as what's on the distribution server. No lengthy lists or checksum tuples
are required. The checksums are "built in" to the version control itself.

Git also provides a mechanism for cryptographic sign-off of tags, which
would provide the public/private keyed infrastructure you're trying to
(awkwardly) replicate with SSL and PKI.

The combination of sha1-strength history integrity verification and
cryptographic tags mean all the information necessary to validate your
on-disk source tree (and its history) is widely available and easily
verified even if obtained from an untrusted source. You will need a
secure means of obtaining either a (single) sha1 hash or a public key,
but everything else can e verified once you have that small bit of very
public (and therefore difficult to forge) information.

Even if Git isn't the answer, it's at least worth stealing some of
their ideas.


Want to link to this message? Use this URL: <>