From mboxrd@z Thu Jan 1 00:00:00 1970 From: normalperson at yhbt.net (Eric Wong) Date: Tue, 23 Feb 2016 01:19:57 +0000 Subject: Killing plaintext git:// in favor of https:// cloning In-Reply-To: References: Message-ID: <20160223011957.GA788@dcvr.yhbt.net> "Jason A. Donenfeld" wrote: > Now that git.zx2c4.com runs over HTTPS, I'm considering getting rid of > the plaintext git:// endpoint for cloning. > Does anybody have any objections or comments? I suggest keeping git:// running as automated mirrors may not be monitored very closely or easily updated. git already has plenty of integrity checking built-in and getting the proper hashes for the heads/tags over a trusted-enough medium is enough (or reading the fine code). And as others have said, HTTPS isn't impenetrable and the CA system is still a major problem. Also, TLS libraries can introduce new bugs and vulnerabilities like Heartbleed. Quoting from http://www.postfix.org/TLS_README.html | By turning on TLS support in Postfix, you not only get the | ability to encrypt mail and to authenticate remote SMTP clients | or servers. You also turn on thousands and thousands of lines of | OpenSSL library code. Assuming that OpenSSL is written as | carefully as Wietse's own code, every 1000 lines introduce one | additional bug into Postfix. Something to keep in mind :)