[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] git "smart http" protocol
|
From: |
James Cloos |
|
Subject: |
Re: [Savannah-users] git "smart http" protocol |
|
Date: |
Thu, 16 Sep 2010 15:36:04 -0400 |
|
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux) |
>>>>> "AKF" == Andreas K Foerster <address@hidden> writes:
AKF> More importantly, the article suggests using Basic Authentification.
AKF> That sends the password unencrypted over the line, just base64-encoded,
AKF> but anybody can decode that. So, it's a very bad idea to use that for
AKF> sensible data.
While I agree that using ssh for push is better, note that the expected
use case for commit over the new http protocol is to do it over tls.
A number of sites use a single ssh login for all projects, limiting
commit access by the ssh key. For them, supporting commit over ssh
is an easier change.
Pull-only support, though, will be a very helpul enhancement to SV.
-JimC
--
James Cloos <address@hidden> OpenPGP: 1024D/ED7DAEA6
- [Savannah-users] git "smart http" protocol, Miles Bader, 2010/09/15
- Re: [Savannah-users] git "smart http" protocol, Sylvain Beucler, 2010/09/16
- Re: [Savannah-users] git "smart http" protocol, Andreas K. Foerster, 2010/09/16
- [Savannah-users] Re: git "smart http" protocol, Miles Bader, 2010/09/16
- Re: [Savannah-users] Re: git "smart http" protocol, Sylvain Beucler, 2010/09/16
- Re: [Savannah-users] Re: git "smart http" protocol, Sylvain Beucler, 2010/09/16
- [Savannah-users] Re: git "smart http" protocol, Miles Bader, 2010/09/17
- Re: [Savannah-users] Re: git "smart http" protocol, Sylvain Beucler, 2010/09/17
- Re: [Savannah-users] Re: git "smart http" protocol, Miles Bader, 2010/09/17
- Re: [Savannah-users] Re: git "smart http" protocol, Sylvain Beucler, 2010/09/17
- Re: [Savannah-users] git "smart http" protocol,
James Cloos <=