On Fri, Dec 27, 2013 at 08:25:16PM +0600, Sergey Sharybin wrote: > Security in this case is about being sure everyone gets exactly the > same repository as stored on the server, without any modifications to > the sources cased by MITM.
Besides security, HTTPS is more likely to work across different firewalls and proxies, since "odd" ports like 9418 are often blocked and HTTPS usually isn't subject to the weirdness of proxies (since they can't inspect it or modify it). > As for "smart" http, this seems pretty much cool.However, we're > currently using lighthttpd, so it might be an issue. We'll check on > whether "smart" http is used there, and if not guess it wouldn't be a > big deal to switch to apache. You can use Lighttpd if you like. See Documentation/git-http-backend.txt (or git http-backend --help). -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
