-------- In message <6fff232c-65c0-34bc-a950-0e79eda02...@denninger.net>, Karl Denninger writes:
>> As I mentioned humoursly to you in private email, I don't think >> this particular problem will reach consensus any sooner if you >> also tangling it in the SVN vs GIT political issue. > >Fair enough but I think my underlying point -- that svn ought to provide >the ability to distribute signed bits, and if it can't then it should >either be wrapped or augmented to do so if possible, and tossed if not, >remains valid. It sure does, but knowing crypto-code and knowing the projects decision making process about such things, I see neither adding that to svn nor replacing svn as feasible this side of 2020. >Removing unencrypted transport is thus IMO a net bad as it *claims* to >address this but doesn't. That's bad because you now lead people to >*believe* they have a secure means of tracking the project's bits but >that's factually false. +1 -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
