-------- In message <[email protected]>, Karl Denninger writes:
>> As I mentioned humoursly to you in private email, I don't think >> this particular problem will reach consensus any sooner if you >> also tangling it in the SVN vs GIT political issue. > >Fair enough but I think my underlying point -- that svn ought to provide >the ability to distribute signed bits, and if it can't then it should >either be wrapped or augmented to do so if possible, and tossed if not, >remains valid. It sure does, but knowing crypto-code and knowing the projects decision making process about such things, I see neither adding that to svn nor replacing svn as feasible this side of 2020. >Removing unencrypted transport is thus IMO a net bad as it *claims* to >address this but doesn't. That's bad because you now lead people to >*believe* they have a secure means of tracking the project's bits but >that's factually false. +1 -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [email protected] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
