From: Junio C Hamano <gitster@pobox.com>
To: Stefan Beller <sbeller@google.com>
Cc: Jeff King <peff@peff.net>,
"git\@vger.kernel.org" <git@vger.kernel.org>,
Duy Nguyen <pclouds@gmail.com>
Subject: Re: [RFC/WIP PATCH 11/11] Document protocol version 2
Date: Tue, 02 Jun 2015 10:06:18 -0700 [thread overview]
Message-ID: <xmqqoaky3ur9.fsf@gitster.dls.corp.google.com> (raw)
In-Reply-To: <CAGZ79kaRTLX7eBCOA=yQHVwcN-H-o_aZFfQ1gw7Nx-NC82pbag@mail.gmail.com> (Stefan Beller's message of "Mon, 1 Jun 2015 16:14:15 -0700")
Stefan Beller <sbeller@google.com> writes:
> I think the recent issue with the push certificates shows that having arbitrary
> data after the = is a bad idea.
I do not think push certificate episode tells any such thing.
It was about not carefully using cryptography with arbitrary data.
How that arbitrary data came to the machinery is irrelevant. We
could have used base-64 to encode the server nonce when transferring
it to the machinery via capability, but then decode it in order to
place it in the cerficiate.
Do not restrict transport for such a reason and make legitimate uses
of the transport unnecessarily harder for later users. What needs
to be done is to think how the data that was transport was used.
next prev parent reply other threads:[~2015-06-02 17:06 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-26 22:01 [RFC/WIP PATCH 00/11] Protocol version 2, again! Stefan Beller
2015-05-26 22:01 ` [RFC/WIP PATCH 01/11] upload-pack: make client capability parsing code a separate function Stefan Beller
2015-05-26 22:01 ` [RFC/WIP PATCH 02/11] upload-pack: only accept capabilities on the first "want" line Stefan Beller
2015-05-26 22:17 ` Junio C Hamano
2015-05-26 22:20 ` Stefan Beller
2015-05-26 22:01 ` [RFC/WIP PATCH 03/11] upload-pack: move capabilities out of send_ref Stefan Beller
2015-05-26 22:01 ` [RFC/WIP PATCH 04/11] upload-pack-2: Implement the version 2 of upload-pack Stefan Beller
2015-05-27 2:30 ` Eric Sunshine
2015-05-27 6:35 ` Jeff King
2015-05-27 17:30 ` Eric Sunshine
2015-05-27 20:14 ` Jeff King
2015-05-27 17:40 ` Stefan Beller
2015-05-27 20:34 ` Jeff King
2015-05-27 20:45 ` Stefan Beller
2015-05-27 21:46 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 05/11] transport: add infrastructure to support a protocol version number Stefan Beller
2015-05-27 6:39 ` Jeff King
2015-05-27 19:01 ` Stefan Beller
2015-05-27 20:17 ` Jeff King
2015-05-27 19:10 ` Junio C Hamano
2015-05-26 22:01 ` [RFC/WIP PATCH 06/11] remote.h: add get_remote_capabilities, request_capabilities Stefan Beller
2015-05-27 3:25 ` Eric Sunshine
2015-05-27 6:50 ` Jeff King
2015-05-27 17:19 ` Eric Sunshine
2015-05-27 20:09 ` Jeff King
2015-05-27 6:45 ` Jeff King
2015-05-29 19:39 ` Stefan Beller
2015-05-29 22:08 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 07/11] fetch-pack: use the configured transport protocol Stefan Beller
2015-05-26 22:19 ` Junio C Hamano
2015-05-26 22:23 ` Stefan Beller
2015-05-27 6:53 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 08/11] transport: connect_setup appends protocol version number Stefan Beller
2015-05-26 22:21 ` Junio C Hamano
2015-05-26 22:31 ` Stefan Beller
2015-05-27 5:09 ` Junio C Hamano
2015-05-27 6:56 ` Jeff King
2015-05-27 3:33 ` Eric Sunshine
2015-05-27 7:02 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 09/11] transport: get_refs_via_connect exchanges capabilities before refs Stefan Beller
2015-05-27 5:37 ` Eric Sunshine
2015-05-27 7:06 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 10/11] t5544: add a test case for the new protocol Stefan Beller
2015-05-27 5:34 ` Eric Sunshine
2015-05-27 7:12 ` Jeff King
2015-05-26 22:01 ` [RFC/WIP PATCH 11/11] Document protocol version 2 Stefan Beller
2015-05-29 20:35 ` Junio C Hamano
2015-05-29 21:36 ` Stefan Beller
2015-05-29 21:52 ` Junio C Hamano
2015-05-29 22:21 ` Jeff King
2015-06-01 23:14 ` Stefan Beller
2015-06-01 23:40 ` Stefan Beller
2015-06-04 13:18 ` Jeff King
2015-06-04 17:01 ` Junio C Hamano
2015-06-02 17:06 ` Junio C Hamano [this message]
2015-05-27 6:18 ` [RFC/WIP PATCH 00/11] Protocol version 2, again! Jeff King
2015-05-27 7:08 ` Jeff King
2015-06-01 17:49 ` Stefan Beller
2015-06-02 10:10 ` Duy Nguyen
2015-06-04 13:09 ` Jeff King
2015-06-04 16:44 ` Stefan Beller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqoaky3ur9.fsf@gitster.dls.corp.google.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=pclouds@gmail.com \
--cc=peff@peff.net \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).