On Mon, Feb 06, 2023 at 07:27:05PM -0800, Elliott Mitchell wrote:
> On Mon, Feb 06, 2023 at 10:10:33PM -0500, Demi Marie Obenour wrote:
> > Obtaining code over an insecure transport is a terrible idea for
> > blatantly obvious reasons. Even for non-executable data, insecure
> > transports are considered deprecated.
>
> I completely agree with the premise, but I would suggest the better
> approach to removing use of git:// is to instead require signing of
> commits.

I fully support requiring commit signing, but I don’t consider commit signing to be a replacement for transport encryption. I also strongly recommend using SSH, not GPG, for commit signing: it is vastly easier to use and the attack surface is much, much smaller.

> I'm also under the impression git can use TLS, though I'm
> unsure whether gits:// works (and what revision of git is required).

git uses TLS via HTTPS.

--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab