* Sergey Sharybin <sergey....@gmail.com> [131227 15:25]:
> Security in this case is about being sure everyone gets exactly the
> same repository as stored on the server, without any modifications to
> the sources caused by MITM.

Note that ssl (and thus https) only helps here against a resource-less
man-in-the-middle. Getting catch-all CA-signed certificates is said to
no longer be available to everyone as easily as it was some years ago, but
unless you allow only one private CA (and even there clients often fail)
you still should assume everyone resourceful enough to still be able to
do MITM.

        Bernhard R. Link