Re: [RFC 0/2] Git-over-TLS (gits://) client side support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jan 13, 2010 at 4:04 PM, Ilari Liusvaara
<ilari.liusvaara@xxxxxxxxxxx> wrote:
> On Wed, Jan 13, 2010 at 03:13:40PM -0500, Avery Pennarun wrote:
>> On Wed, Jan 13, 2010 at 3:06 PM, Ilari Liusvaara
>> > As said, I got fed up with failure modes of SSH.
>>
>> I think this is the answer that needs clarification.  What failure
>> modes are these?  ssh doesn't seem to fail for me.  And github.com
>> seems to be working rather well with a huge number of users and ssh
>> authentication.
>
> Those failure modes tend to be show up at setup phase. But when they
> show up, at worst I have seen ones that took hours to debug because
> of multitude of possible causes and no good information on what's
> wrong.
>
> And don't get me started about multi-key setups.
>
> SSH uses fixed sets of keys, which has inherent failure modes. And ssh
> server tends to be worse than the client (Github can avoid the server
> failure modes since they control the SSH server).
>
> But not even github can avoid all the failure modes.
>
>> If you're upset at the failure modes of ssh, is it possible to fix ssh
>> instead of introducing Yet Another Tunneling Protocol?
>
> No, those failure modes can't be solved in SSH.

This is still not very illuminating.  How do you know your replacement
will not have these same failure modes?  If you solve your main
annoyances with ssh, how do you know you won't introduce any new
annoying failure modes?  *Why* can't ssh be fixed to solve the
problem?  Will I have to generate and manage yet another new set of
keys to use the new system?

You seem to be positioning your implementation as a competitor to
*all* of ssh, https, and straight TLS (including stunnel), and
moreover, presenting it as superior to all three.  This is surely
possible (they all suck differently), but it's going to be hard to
convince people.  And if your new security protocol *only* works with
git, it loses points automatically against other solutions.  (Even if
ssh is hard to set up, I've *already set it up*, so any new
alternative starts with an immediate negative score.)

Have fun,

Avery
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]