From owner-freebsd-questions@freebsd.org Fri Sep 18 13:46:31 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 468E29CFC36 for ; Fri, 18 Sep 2015 13:46:31 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1D5471C2F for ; Fri, 18 Sep 2015 13:46:30 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id BB08E205DC for ; Fri, 18 Sep 2015 09:46:29 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Fri, 18 Sep 2015 09:46:29 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=YawOa/k/ym6V7wN 8W39Drro9l9Y=; b=U0kfHwjwSWJflT5u5UhlaHawPfJeJJ/K3onuemVHJSRqk8p foa6LnsJEyHvl4NIF8Ygh5StZjUYSrtSxgYsNLcY6PFfsBzEeBWfKJPeEuzFD369 IbmoX5zKu9VqSW4zu4IYp/EL4k3M9Fbvy2tD9PD9hmNOVhzxAKKjYE4lT90M= Received: by web3.nyi.internal (Postfix, from userid 99) id 95A3F110174; Fri, 18 Sep 2015 09:46:29 -0400 (EDT) Message-Id: <1442583989.1830421.387287001.4BC94C0A@webmail.messagingengine.com> X-Sasl-Enc: T8zUU3LSMxIHxUwjHqA3CMr1NI/DbmkiS4K7pxRb+Rzs 1442583989 From: Mark Felder To: Quartz , freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-e92f8263 Subject: Re: HTTPS on freebsd.org, git, reproducible builds Date: Fri, 18 Sep 2015 08:46:29 -0500 In-Reply-To: <55FC07F2.1060100@sneakertech.com> References: <55FC07F2.1060100@sneakertech.com> X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Sep 2015 13:46:31 -0000 On Fri, Sep 18, 2015, at 07:47, Quartz wrote: > > Is there a reason to encrypt something that is completely public? > > MitM attacks. SSL would go a long way towards ensuring that when you go > to a website you're seeing the real website and not something that > silently redirects you to compromised files or targeted misinformation. > This is a common misconception. How do you programmatically prove you're not victim of an SSL MITM? You have to trust your installed CA Roots and any of those could have issued a FreeBSD.org certificate. DNSSEC helps[1] prove you're reaching the right IP, but they could be doing a transparent MITM or BGP hijacking. Additionally, there is no desktop browser natively supporting DANE yet, and you probably will never find it in text browsers like lynx. The key distinction is that SSL provides encryption, not identification. Proving identification is much more difficult. Remember, if they can MITM your HTTP, they can MITM your HTTPS. The difficulty is only slightly higher; it's certainly within the reach of organized blackhat groups and easily achieved by state actors. [1] As long as you can trust that the DNSSEC root isn't compromised by the state... -- Mark Felder ports-secteam member feld@FreeBSD.org