Subject: Re: Any point to cvs using rsh? (was Re: Anoncvs pointer)
To: Matthias Scheler <>
From: Greg A. Woods <>
List: current-users
Date: 12/13/2002 12:19:23
[ On Friday, December 13, 2002 at 16:24:46 (+0000), Matthias Scheler wrote: ]
> Subject: Re: Any point to cvs using rsh? (was Re: Anoncvs pointer)
> In article <>,
> (Greg A. Woods) writes:
> >> Because you want to make sure that you get your new sources from the
> >> real NetBSD anonymous CVS server and not some other server. SSH's
> >> host key management system will take care of that.
> > 
> > and so then you'll be getting rid of the FTP server too, right?  :-)
> Using Anonymous CVS over SSH is an option. It is not mandatory.

I think you missed my point.  I should have mentioned that the non-HTTPS
web server will also have to go.

Certainly we can't be allowing anyone to retrieve NetBSD source code by
any plain TCP connection!  :-)

I.e. by your attitude we should just turn off all plain TCP (and UDP) by
default -- only IPsec and maybe SSL and/or SSH encrypted and
authenticated tunnels can be allowed by default.

Of course at least with FTP and maybe with HTTP downloads there's the
more likely possibility of making available a public-key-encrypted copy
of the file's secure signature via some other "out-of-band" method -- that's
a little more difficult to do for CVS transactions, and of course it's
much easier just to use a secure transport for CVS instead.  However if
I have an IPsec connection then I sure as hell don't want to waste twice
the cycles re-encrypting (or even just re-authenticating and re-signing)
SSH packets -- I want to use plain RSH over my IPsec network instead.

I.e. plain RSH is just fine as the default.  Maybe instead of railing
against such things "we" should spend what little effort "we" have
trying to make IPsec work in more places and in more ad-hoc ways.
Opportunistic IPsec anyone?

								Greg A. Woods

+1 416 218-0098;            <>;           <>
Planix, Inc. <>; VE3TCP; Secrets of the Weird <>
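The "out-of-band signature" arrangement the message sketches for FTP/HTTP downloads, shown as an added example that is not part of the thread and not NetBSD's own release tooling: the archive travels over an unauthenticated channel, a detached signature over its digest travels separately, and the client checks it against a publisher key it already holds. The key pair, the archive bytes and the tampering step are all constructed here for illustration; the real point is that the check does not depend on the transport at all.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Release is what a client ends up holding: the source archive retrieved over
// a plain, unauthenticated channel (FTP/HTTP), plus a detached signature
// retrieved through a separate, out-of-band channel.
type Release struct {
	Archive   []byte
	Signature []byte // Ed25519 signature over SHA-256(Archive)
}

var (
	ErrBadSignature = errors.New("release: signature does not verify under pinned key")
	ErrBadLength    = errors.New("release: signature has wrong length")
)

// digest is the value actually signed. Signing a fixed-size hash rather than
// the archive itself keeps the signature independent of archive size and lets
// mirrors publish the digest next to the signature.
func digest(archive []byte) []byte {
	h := sha256.Sum256(archive)
	return h[:]
}

// Publish is the publisher's side: sign the archive digest with the release key.
// (Hypothetical helper; real release tooling would use PGP/signify or similar.)
func Publish(priv ed25519.PrivateKey, archive []byte) Release {
	return Release{
		Archive:   append([]byte(nil), archive...),
		Signature: ed25519.Sign(priv, digest(archive)),
	}
}

// Verify is the client's side. pinned must come from somewhere the client
// already trusts (compiled in, or installed with the OS), never from the same
// server that served the archive, or the check proves nothing.
func Verify(pinned ed25519.PublicKey, r Release) error {
	if len(r.Signature) != ed25519.SignatureSize {
		return ErrBadLength
	}
	if !ed25519.Verify(pinned, digest(r.Archive), r.Signature) {
		return ErrBadSignature
	}
	return nil
}

// Tamper simulates an on-path attacker who can rewrite the plain-TCP download
// but cannot touch the out-of-band signature.
func Tamper(r Release) Release {
	t := Release{Archive: append([]byte(nil), r.Archive...), Signature: r.Signature}
	t.Archive = append(t.Archive, []byte("\n# injected by on-path attacker\n")...)
	return t
}

func main() {
	// Constructed key pair standing in for the publisher's long-lived release key.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed stand-in for a source archive.
	archive := []byte("netbsd-src.tar.gz (constructed sample bytes)")

	rel := Publish(priv, archive)
	fmt.Println("genuine download:", Verify(pub, rel))  // <nil>
	fmt.Println("tampered download:", Verify(pub, Tamper(rel))) // signature error
}
```

The same pattern is what SSH host-key checking buys for CVS, just moved from the connection to the artifact: the trust anchor (pinned publisher key there, pinned host key here) has to arrive by some path other than the one being protected.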