Some secure way of updating sources?

[QIU Quan]

Having read the FAQ, I learned there are 3 ways to sync sources. Among
them, only AnonCVS can be transmitted in a secure channel when using
SSH transport. The other two, namely CVSup and CVSync, are transferred
in clear text with no server identity authentication. However, even
the AnonCVS host key fingerprints are published over HTTP channel,
which provides no server authentication as well.

Communication without proper authentication is vulnerable to DNS
poisoning and man-in-the-middle attacks, alhough it is unlikely to
happen in the wild.

In practice, an updating user is not confident to say he or she is
always updating genuine OpenBSD sources. And OpenBSD mirrors sync with
the same unsureness.

Is there some way to authenticate and verify source updating traffic?

It seems publishing the SSH host keys on the HTTPS pages stabilizes
the AnonCVS trusting graph. What about CVSup and CVSync?


--
h#d=: (QIU Quan) <jac...@gmail.com>