The server is sending back code. I'd want to know I can trust whoever is sending me back code that I plan to build and run locally.
Jim > On Nov 19, 2015, at 11:40 AM, Zachary Turner via lldb-dev > <lldb-dev@lists.llvm.org> wrote: > > > > On Thu, Nov 19, 2015 at 10:28 AM Todd Fiala <todd.fi...@gmail.com> wrote: > Some other points we need to consider on the bindings-as-service idea: > > * The service should be exposed via secure connection (https/ssl/etc.) This > might already be guaranteed on the Google end by virtue of the endpoint, but > we'll want to make sure we can have a secure connection. (This will be a > non-issue for standing up a custom server, but the official one should have > this taken care of). > > If the only thing we're sending from client -> server is packaged up source > code which is already available on the open source repository, and the server > doesn't require authentication, is this necessary? > > If so, does this mean everyone needs to generate a cert locally? > _______________________________________________ > lldb-dev mailing list > lldb-dev@lists.llvm.org > http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev _______________________________________________ lldb-dev mailing list lldb-dev@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev
