comment and close; bug reporter is using old version and is also mistaken about how S3 security works

2 files changed, 18 insertions, 0 deletions

diff --git a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn
index 5b0eff50f..7a96ff6c7 100644
--- a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn
+++ b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__.mdwn
@@ -27,3 +27,5 @@ I tried to persuade `git annex` to use a SSL connection but without encouraging
 Debian wheezy, git-annex version: 5.20141024~bpo70+1
 
 ### Please provide any additional information below.
+
+> [[done]]; port=443 supported since 5.20141203. --[[Joey]]
diff --git a/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment
new file mode 100644
index 000000000..9006486df
--- /dev/null
+++ b/doc/bugs/Forcing_https_for_Google_cloud_storage_remote__63__/comment_2_c01a47b9df3167c9af8e5e43ec138401._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 2"""
+ date="2015-02-04T18:55:50Z"
+ content="""
+You need to upgrade to git-annex 5.20141203. With that version, 
+you can pass port=443 to git-annex initremote and it will then use
+https.
+
+The old version you're using does not support this.
+
+Also, AFAIK, S3 does not send passwords over the wire; it uses a
+challange-response, which proves to the S3 server that you possess the
+access keys. This would not be susceptable to attackers in the way you
+think it is.
+"""]]