[tor-dev] Git hosting changes, git:// support discontinued
yawning at schwanenlied.me
Sun Nov 30 23:55:31 UTC 2014
On Sun, 30 Nov 2014 17:32:05 -0500
Jason Cooper <tor at lakedaemon.net> wrote:
> > It is unauthenticated and you probably shouldn't use it if at all
> > possible.
> How does that matter? All of the tags are signed by Nick Mathewson.
> This allows the server *and* the path to be untrusted.
What about intermediary commits between tagged releases? Yes, signing
each commit is possible, and probably even a good idea, but it's not
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the tor-dev