On Fri, Jun 24, 2011 at 11:51, August Lilleaas <augustlille...@gmail.com>wrote:
> I have a concern with the practicality of using client certificates > over https instead of SSH. > > You can tell git which key and cert to use for client cert https > connections. This is done via git-config, so it can be set both > globally (--global, stored in ~/.gitconfig) and per project (/path/to/ > project/.git/config). Say you're using multiple Gitorious > installations on a daily basis, i.e. gitorious.org, git.myserver.com, > git.mycompany.com, etc. Wouldn't each Gitorious installation require a > separate client cert? If so, you'd have to configure the key and cert > on a per-repo basis. With SSH, you can use the same ssh keypair for > all those sites, not requiring any per-repo config, since there's no > ident info in the public key other than that you was logged in to > gitorious.org when you added it. > This is definitely a valid concern, and we will investigate accordingly. If it does have to be configured on a per-repo basis, we could ease this process by providing a small cli to help out. But ideally, it would "just work". Basically - if we cannot make the experience secure AND easy to use, we will not drop easier alternatives. Christian -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
