Hi,

On Tue, 28 Aug 2007, Jakub Narebski wrote:

quoted text
> Linus Torvalds wrote:
> 
> > As to your TLS example: if we were to do "git over TLS", it would make 
> > perfect sense to use either "tls://" (although "gits://" might be more 
> > natural, not because tls is wrong, but because people have gotten used to 
> > "https://") if we were to have a "secure git" port. Or maybe we'd use the 
> > same port number that we already have assigned for git, and just add some 
> > "use TLS to authenticate/encrypt", and use "tls://" for that. It makes 
> > perfect sense.
> 
> I like gits:// idea for "git over TLS", and I'm against "tls://". I wonder
> if it would be hard to implement "git overt TLS"? We could resurrect patch
> which allowed push over git protocol, onnly restricting pushing to gits
> protocol.

I really have to wonder what the benefits are.  git:// does not need 
authentification, it is fetch-only, and you can (and should!) verify the 
integrity with git-fsck anyway.

So all TLS would add to is waste bandwidth and CPU cycles.

Ciao,
Dscho

-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html