On Fri, 17 Jul 2009, Linus Torvalds wrote:
>
> On Fri, 17 Jul 2009, John Tapsell wrote:
> >
> > Why couldn't you have the actual code encrypted, but have the server
> > still know about the SHAs etc? You would expose the actual commit
> > structure, but that might be acceptable?
>
> Even that wouldn't really work, because you'd never be able to generate
> any deltas.
>
> So there would be no real advantage. In fact, there would be only
> disadvantages, because without any delta generation, you'd now have to
> actually transfer _more_ data.

Oh, if you let the server know all the SHA's at _all_ levels (ie down to
the blob itself), and then just make the blobs be encrypted, we'd be able
to do some trivial optimizations, like only sending the actual blobs that
changed.

HOWEVER. That would reveal absolutely tons of data about the repository,
and about the history. You'd have lost a _lot_ of security.

Linus
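An added illustration of the trade-off described in the message above (not part of the original mail, and not git's own code): a git blob ID is the SHA-1 of a `blob <size>\0` header plus the file content, so a server that holds plaintext blob IDs next to encrypted blobs can skip unchanged blobs, and by the same property learns what changed between revisions and can check guessed file contents without any key. The revisions, candidate contents and helper names are constructed for this sketch.

```python
import hashlib

def blob_id(content):
    """Git blob object ID: SHA-1 over the header 'blob <size>\\0' plus the content."""
    return hashlib.sha1(b"blob %d\x00" % len(content) + content).hexdigest()

def server_view(snapshot):
    """Blob IDs the server would hold in plaintext for one revision."""
    return {blob_id(data) for data in snapshot.values()}

def blobs_to_send(old_ids, new_ids):
    """The 'trivial optimization': transfer only blobs the other side lacks."""
    return new_ids - old_ids

def confirm_guesses(known_ids, candidates):
    """Labels of candidate plaintexts whose blob ID appears among the known IDs."""
    return sorted(label for label, data in candidates.items()
                  if blob_id(data) in known_ids)

# Constructed sample revisions (path -> content); not from any real repository.
REV1 = {
    "README": b"demo project\n",
    "config.ini": b"debug=false\n",
    "LICENSE": b"constructed license text\n",
}
REV2 = {
    "README": b"demo project\n",
    "config.ini": b"debug=true\n",
    "LICENSE": b"constructed license text\n",
    "notes.txt": b"hello\n",
}
# Constructed guesses that someone without the decryption key might test.
CANDIDATES = {
    "debug=true": b"debug=true\n",
    "debug=false": b"debug=false\n",
    "empty file": b"",
}

if __name__ == "__main__":
    ids1, ids2 = server_view(REV1), server_view(REV2)
    # Saving: only new or changed blobs cross the wire.
    print("blobs to transfer:", len(blobs_to_send(ids1, ids2)), "of", len(ids2))
    # Leak 1: how much of the tree stayed identical between revisions.
    print("unchanged across revisions:", len(ids1 & ids2))
    # Leak 2: guessed contents are confirmed from the IDs alone.
    print("guesses confirmed:", confirm_guesses(ids1 | ids2, CANDIDATES))
```
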