On Fri, 2016-01-08 at 10:43 -0500, Paul Tagliamonte wrote:
> I'd like to suggest we move all Vcs-Git entries to either `https` or

I doubt https will give any real hard additional security, based on the
inherent problems of the X.509 CA system.

Per default, git would take the system CA store, which per default
contains some large number (IIRC ~100?) of CAs, some of which have
already proven to be either incompetent or more likely malicious,
others from totalitarian countries or other countries known to most
likely make use of forged certificates for evil purposes.

And even if a CA could be assumed to not do bad things... most CAs
offer certs based on some challenge response against whois data via
email.
The email is completely unsecured, as is the whois.


Thus using ssh AND signed tags or even better signed commits seems to
be the best solution from a security PoV :)


Cheers,
Chris.
