Andreas Schwab <[email protected]> writes: > Sergey Sharybin <[email protected]> writes: > >> So guess we just need to recommend using https:// protocol instead of >> git:// for our users? > > Given how easy it is to verify the integrity of a git repository out of > band there isn't really much of added security by using TLS for > transport.
You can verify integrity after the fact, but not guarantee confidentiality ... so it again depends on the definition of "security". -- Matthieu Moy http://www-verimag.imag.fr/~moy/ -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
