Date: Mon, 11 Dec 2017 15:23:28 -0800 From: Yuri <yuri@rawbw.com> To: Yonas Yanfa <yonas@fizk.net> Cc: freebsd-security@freebsd.org Subject: Re: http subversion URLs should be discontinued in favor of https URLs Message-ID: <b9bba941-e648-d38e-152b-072186cb5837@rawbw.com> In-Reply-To: <225f2891-dc04-0e38-05bb-b4af9645f663@fizk.net> References: <97f76231-dace-10c4-cab2-08e5e0d792b5@rawbw.com> <2a6d123c-8ee5-8e1e-d99b-4bce02345308@rawbw.com> <1217.1512685566@critter.freebsd.dk> <20171208082503.cve4526nkwf7chef@localhost> <201712112129.vBBLT7tj006260@donotpassgo.dyslexicfish.net> <225f2891-dc04-0e38-05bb-b4af9645f663@fizk.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/11/17 14:40, Yonas Yanfa wrote: > I prefer HTTPS over HTTP as well, but wouldn't switching over to git > and using signed commits be even more secure than using HTTPS? So far, nobody pointed out even one security flaw of using https combined with the private CA. So no, they appear to be equally secure, with https approach having the advantage of being able to work on the same infrastructure in virtually the same way. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b9bba941-e648-d38e-152b-072186cb5837>