Hi, On Fri, Dec 27, 2013 at 7:36 PM, Konstantin Khomoutov <flatworm@xxxxxxxxxxxxxxxxxxxxx> wrote: > > The Git protocol does not implement it itself but you can channel it > over a TLS tunnel (via stunnel for instance). Unfortunately, this > means a specialized software and setup on both ends so if the question > was about a general client using stock Git then the answer is no, it's > impossible. Ok, got it. > Yes, but it will only be secure if you've managed to verify the > server's certificate and do trust its issuer (or a CA higher up the > cert's trust chain) -- people tend to confuse "encrypted" with > "secure" which is not at all the same thing. We've got CA-signed certificate atm and it's about to be also EV-signed for our server (git.blender.org). So this is not gonna to be an issue. Cloning over https:// works fine, but we wanted to be sure all the bits are secure. So guess we just need to recommend using https:// protocol instead of git:// for our users? -- With best regards, Sergey Sharybin -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html