This may be a rather ignorant question. It is based on the thread: "Can Git 
do all of this?". Konstantin indicated that Web suppliers such as GitHub 
are not secure. Why is this? Well, I guess maybe they could be hacked from 
the outside, or perhaps an employee could be subverted. I am wondering why 
there is not a git _option_ to mark a repository as "insecure". When 
something is pushed to this "insecure" repository, the files being pushed 
would be encrypted as they are being transferred (read data, encrypt, then 
send). The reverse on a fetch or pull (receive, decrypt, write). This would 
leave the files unencrypted on the user's machine.

I don't know git internals, but is there some reason why the remote 
repository cannot have its files be encrypted on the user's machine before 
transferring to the "insecure" machine? I don't think anybody _in this 
case_ would directly use the files on the server. I am aware that 
encryption will increase their size. I don't know, but I guess this would 
inhibit some operations such as gc and maybe fsck. But are those operations 
truly necessary on a storage-only git repository? Again, my ignorance is 
showing.  I would think that the encryption used would require a properly 
signed digital certificate. How to distribute this cert to the appropriate 
people is left as an exercise for the reader.

Thanks for your thoughts.

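The trade-off the question guesses at, as an added example that is not part of the original message: a host that stores only client-encrypted objects cannot rehash them against their git object IDs (the check fsck performs), and identical content encrypts to different bytes each time, so the host cannot deduplicate or delta-compress it either. The HMAC-based cipher is a toy stand-in for a real AEAD such as AES-GCM, and all function names are hypothetical.

```python
import hashlib, hmac, os

def git_blob_id(content: bytes) -> str:
    # Git names a blob by SHA-1 over the header "blob <size>\0" plus the content.
    return hashlib.sha1(b"blob %d\0" % len(content) + content).hexdigest()

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy counter-mode keystream built from HMAC-SHA256 (stand-in cipher).
    stream = b"".join(_prf(key, nonce + i.to_bytes(8, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC with separate subkeys; output is nonce + ciphertext + tag.
    nonce = os.urandom(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key: bytes, sealed: bytes) -> bytes:
    nonce, ct, tag = sealed[:16], sealed[16:-32], sealed[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("sealed object was modified")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

def server_can_verify(oid: str, stored: bytes) -> bool:
    # The keyless check a host can run: rehash the stored bytes, compare to the ID.
    return git_blob_id(stored) == oid

def demo() -> dict:
    key = os.urandom(32)                      # constructed key, shared out of band
    content = b"hello\n"                      # constructed sample file
    oid = git_blob_id(content)
    first, second = seal(key, content), seal(key, content)
    return {
        "oid": oid,
        "server_verifies_plain": server_can_verify(oid, content),
        "server_verifies_sealed": server_can_verify(oid, first),
        "client_verifies": git_blob_id(unseal(key, first)) == oid,
        "same_content_same_bytes": first == second,
        "overhead_bytes": len(first) - len(content),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Integrity checking moves entirely to the key holders: the MAC detects tampering on the host, and the object ID is checked only after decryption.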