Mark Lodato <lodatom@xxxxxxxxx> writes: >> The user is always prompted, even if the certificate is not encrypted. >> This should be fine; unencrypted certificates are rare and a security >> risk anyway. Hmm, "rare" is in the eyes of beholder. For automated settings, I would imagine that it is a necessary feature that we need to keep working. Of course the local box that keeps an unencrypted certificate used this way must be well protected to make it _not_ a security risk, but that is not an issue you are addressing with your patch anyway, so it is not nice to dismiss possible usability issues like this. >> I did not create any tests because the existing http.sslcert option has >> no tests to begin with. Again, not nice. Not having tests in this particular patch may be Ok, as long as you or other people fix that deficiency with follow-up patches, but please don't be proud that you are following a bad example. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html