Andreas Schwab <schwab@xxxxxxxxxxxxxx> writes: > Sergey Sharybin <sergey.vfx@xxxxxxxxx> writes: > >> So guess we just need to recommend using https:// protocol instead of >> git:// for our users? > > Given how easy it is to verify the integrity of a git repository out of > band there isn't really much of added security by using TLS for > transport. You can verify integrity after the fact, but not guarantee confidentiality ... so it again depends on the definition of "security". -- Matthieu Moy http://www-verimag.imag.fr/~moy/ -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html