On Wed, May 27, 2015 at 10:44:17PM +0100, Dimitri John Ledkov wrote: > On 27 May 2015 at 09:08, Wouter Verhelst <wou...@debian.org> wrote: > > On Mon, May 25, 2015 at 11:38:06AM -0700, Josh Triplett wrote: > >> > While we're on the subject of git security...should we stop > >> > recommending that non-account-holders use git:// (most efficient, but > >> > insecure against MITM unless you manually check the commit number) in > >> > preference to https:// (at least some security)? > >> > https://wiki.debian.org/Alioth/Git#Accessing_repositories > >> > >> https:// is actually just as efficient as git:// these days (other than the > >> minor overhead of TLS, which is worth it for security). > > > > Why? Which attack do you envision (other than the ridiculous "the NSA would > > see > > that we're pushing!", which they can by just doing a git clone too) that > > would > > be thwarted by https but not by signed commits? > > > > It fails The Dissident Test, hence we should use https or ssh for > cloning. And provide only those methods. > > Overall we should default to protect the privacy of DDs, contributors > and our users. I was pondering for some time if we should add that to > DFSG or maybe have a GR about it.
The security of a program is orthogonal to its licensing; let's not mix the two. I agree that we should push for TLS, but that's not a DFSG matter. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150527220056.GA23152@cloud
