mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Added a comment

Browse source
This commit is contained in:
http://joeyh.name/ 2013-01-15 20:25:42 +00:00 committed by admin
parent 10edb04cfe
commit 16a557477b
1 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
doc/forum/No_SSL_traffic_for_S3__63__/comment_1_f509bf273896180e6df8c771438dd093._comment Normal file
View file

@ -0,0 +1,11 @@
[[!comment format=mdwn
username="http://joeyh.name/"
ip="4.154.7.238"
subject="comment 1"
date="2013-01-15T20:25:42Z"
content="""
<http://hackage.haskell.org/package/hS3> is a Haskell library for S3, which git-annex uses. It does not support HTTPS. I'm sure its author would appreciate help, or maybe even just gentle motivation.
FWIW, I think that S3's authorization is designed to be pretty secure even over an un-encrypted transport.
It uses HMAC to sign the request with your AWS credentials securely, and includes a date that is hopefully used to avoid replay attacks.
"""]]