Re: git and https
> While we're on the subject of git security...should we stop
> recommending that non-account-holders use git:// (most efficient, but
> insecure against MITM unless you manually check the commit number) in
> preference to https:// (at least some security)?
> https://wiki.debian.org/Alioth/Git#Accessing_repositories
https:// is actually just as efficient as git:// these days (other than the
minor overhead of TLS, which is worth it for security). See "man
git-http-backend" for details on the "smart" HTTP protocol, which uses
the same protocol as git:// .
- Josh Triplett
Reply to:
- References:
- git and https
- From: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>