[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-community
Subject:    Notice of upcoming changes to the behaviour of the anongit network
From:       Ben Cooksley <bcooksley () kde ! org>
Date:       2020-04-11 10:14:38
Message-ID: CA+XidOG80JO-DrWBXAJ2HgBQLKzNJJZa4ZSctLSR9fW1q7FRBg () mail ! gmail ! com
[Download RAW message or body]

Hi all,

As part of the preparations for the move to Gitlab, and the rewrite of
our anongit tooling, one of the things we have looked into is how the
anongit network in general operates.

As part of this, it has been observed that the git:// protocol is
unencrypted, and thus vulnerable to intercept and manipulation by
hostile actors.

We have therefore decided that support for the git:// protocol to
access KDE Git repositories will cease following our migration to
Gitlab.

Going forward, all anonymous access should take place instead over
https, which is encrypted, and has the added benefit of offering
support for redirects (should those be needed)

Should anyone have any questions regarding this, please let us know.

Thanks,
Ben Cooksley
KDE Sysadmin
[prev in list] [next in list] [prev in thread] [next in thread]