Board: FB_security
Subject: Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]
Posted from: NCTU CS FreeBSD Server (Wed Nov 21 22:37:49 2012)
Relayed via: ptt!csnews.cs.nctu!news.cs.nctu!.cs.nctucs.nctu!.org!ownorg!owner-free
In message <[email protected]>, Peter Jeremy writes:
> On 2012-Nov-20 11:30:59 -0500, Gary Palmer <[email protected]> wrote:
> >On Tue, Nov 20, 2012 at 11:26:42AM -0500, Eitan Adler wrote:
> >> On 20 November 2012 04:54, xenophon+freebsd
> >> <[email protected]> wrote:
> >> >> As of now:
> >> >>
> >> >> - SVN is *the* source of truth.
> >> >
> >> > Would it be possible to publish FreeBSD's Subversion repository using
> >> > HTTPS, instead of HTTP?
> >>
> >> %svn ls https://svn0.us-west.FreeBSD.org/base/
> >
> >You will get a certificate warning. The certificates used do not
> >appear to be officially signed by a recognised CA. The hashes of the
> >certificate keys are on the mirror website I pointed out in my email
>
> The certificates are self-signed. Whilst the hashes are published on
> the FreeBSD website, that site is only available via HTTP so there's
> still a bootstrap issue - which I don't have a general solution for.
See DANE, RFC 6698.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
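
The bootstrap gap raised in this thread is what a TLSA record targets: the certificate pin is published in DNSSEC-signed DNS instead of on an HTTP page. As an added example (not part of the original posts, and not FreeBSD or ISC code), the Python below checks a certificate against TLSA RDATA as defined in RFC 6698 for certificate usage 3. The sample certificate bytes are constructed, and the code assumes the TLSA answer was already DNSSEC-validated by the resolver.

```python
import hashlib
import hmac

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the DER element at off."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                          # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    if off + length > len(buf):
        raise ValueError("truncated DER")
    return tag, off, off + length

def spki_from_cert(cert):
    """Slice the DER SubjectPublicKeyInfo out of an X.509 certificate."""
    _, pos, _ = read_tlv(cert, 0)              # Certificate
    _, pos, _ = read_tlv(cert, pos)            # tbsCertificate
    tag, _, nxt = read_tlv(cert, pos)
    if tag == 0xA0:                            # optional [0] version
        pos = nxt
    for _ in range(5):                         # serial, sigAlg, issuer, validity, subject
        _, _, pos = read_tlv(cert, pos)
    return cert[pos:read_tlv(cert, pos)[2]]

def tlsa_matches(rdata, cert):
    """True if cert satisfies TLSA RDATA 'usage selector mtype hex' (RFC 6698)."""
    usage, selector, mtype, assoc = rdata.split(None, 3)
    if usage != "3":                           # only usage 3 (DANE-EE) is handled here
        raise ValueError("unsupported certificate usage")
    # Selector: 0 = full certificate, 1 = SubjectPublicKeyInfo
    data = {"0": lambda: cert, "1": lambda: spki_from_cert(cert)}[selector]()
    # Matching type: 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    got = {"0": lambda d: d, "1": lambda d: hashlib.sha256(d).digest(),
           "2": lambda d: hashlib.sha512(d).digest()}[mtype](data)
    return hmac.compare_digest(got, bytes.fromhex(assoc.replace(" ", "")))

def der(tag, body):                            # short-form lengths only
    return bytes([tag, len(body)]) + body

# Constructed stand-in with the X.509 field layout (not a real certificate).
SPKI = der(0x30, der(0x30, b"") + der(0x03, b"\x00\xde\xad\xbe\xef"))
TBS = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01")
          + der(0x30, b"") * 4 + SPKI)
CERT = der(0x30, TBS + der(0x30, b"") + der(0x03, b"\x00"))
PINNED = "3 1 1 " + hashlib.sha256(SPKI).hexdigest()
```

A "3 1 1" pin covers only the public key, so it survives reissuing the certificate with the same key, while a "3 0 1" pin must be republished on every reissue.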