Yeah, i understand this. We can not protect self from every single possible attack..
On Fri, Dec 27, 2013 at 10:26 PM, Bernhard R. Link <brl+...@mail.brlink.eu> wrote: > * Sergey Sharybin <sergey....@gmail.com> [131227 15:25]: >> Security in this case is about being sure everyone gets exactly the >> same repository as stored on the server, without any modifications to >> the sources cased by MITM. > > Note that ssl (and thus https) only helps here against a resource-less > man-in-the-middle. Getting catch-all CA-signed certificates is said to > no longer available to everyone as easily as it was some years ago, but > unless you allow only one private CA (and even there clients often fail) > you still should assume everyone resourceful enough to still be able to > do MITM. > > Bernhard R. Link -- With best regards, Sergey Sharybin -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
