On Tue, Jun 25, 2013 at 07:57:35AM +1000, Fraser Tweedale wrote:
>  The git transport is insecure and should be used with caution on
>  unsecured networks.

I don't understand this. How is git:// insecure?

It's protocol with no authentication, because it's a protocol used for
public sharing.

The only point of encrypt git:// would be to verify that the recieved
data has not been altered along the way. However you can always trust
that the end result is an valid copy of the remote.

To me that means that it's as secure as a non-authentication protocoll
needs to be.

How would an "evil network" be able to do any harm to a git transport
over git://?

Med vänliga hälsningar
Fredrik Gustafsson

tel: 0733-608274
e-post: iv...@iveqy.com
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to