-
Stefan Hajnoczi authored
When you clone the repository without previous commit history, 'git:// ' doesn't protect from man-in-the-middle attacks. HTTPS is more secure since the client verifies the server certificate. Cc: Richard Henderson <rth@twiddle.net> Suggested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 20181108111531.30671-8-stefanha@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
06bef596