X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f
X-Recipient: geda-user AT delorie DOT com
Date: Fri, 13 Aug 2021 01:51:27 +0000
From: "Branko Badrljica (brankob AT s5tehnika DOT net) [via geda-user AT delorie DOT com]" <geda-user AT delorie DOT com>
To: geda-user AT delorie DOT com
Subject: Re: [geda-user] geda and pcb git repos inaccessible ?
Message-ID: <20210813015127.43f5c7cd@(none)brane_wrks>
In-Reply-To: <xnmtpme4hj.fsf@envy.delorie.com>
References: <20210812212426 DOT 2612bd97 AT brane_wrks>
	<xnmtpme4hj DOT fsf AT envy DOT delorie DOT com>
Organization: S5
X-Mailer: Claws Mail 4.0.0 (GTK+ 3.24.29; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Reply-To: geda-user AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: geda-user AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

On Thu, 12 Aug 2021 17:29:44 -0400
DJ Delorie <dj AT delorie DOT com> wrote:

> "Branko Badrljica (brankob AT s5tehnika DOT net) [via geda-user AT delorie DOT com]"
> <geda-user AT delorie DOT com> writes:
> > Great. Could you also enable https access ?  
> 
> We've had this discussion before, and the answer was no.
> 
> > Gentoo/portage keeps harping about git protocol being unsafe to be
> > used over open net. And they are right...  
> 
> Only anonymous git uses cleartext.  Contributors use git-over-ssh.


Sorry for making you repeat yourself, but at the risk of furthering
that transgression, how is the user supposed to check integrity of
their copies ?

It's not without a reason that firefox & co prefers and often enforces
https.

ALL data is routinely intercepted and often changed in flight.
All done routinely and automated.