From 738bae92f34f23bf8e44a7d18928729c75ed8f12 Mon Sep 17 00:00:00 2001
From: "http://joeyh.name/" <http://joeyh.name/@web>
Date: Tue, 15 Jan 2013 20:25:42 +0000
Subject: Added a comment

---
 .../comment_1_f509bf273896180e6df8c771438dd093._comment       | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 doc/forum/No_SSL_traffic_for_S3__63__/comment_1_f509bf273896180e6df8c771438dd093._comment

(limited to 'doc')

diff --git a/doc/forum/No_SSL_traffic_for_S3__63__/comment_1_f509bf273896180e6df8c771438dd093._comment b/doc/forum/No_SSL_traffic_for_S3__63__/comment_1_f509bf273896180e6df8c771438dd093._comment
new file mode 100644
index 000000000..808d4c035
--- /dev/null
+++ b/doc/forum/No_SSL_traffic_for_S3__63__/comment_1_f509bf273896180e6df8c771438dd093._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="http://joeyh.name/"
+ ip="4.154.7.238"
+ subject="comment 1"
+ date="2013-01-15T20:25:42Z"
+ content="""
+<http://hackage.haskell.org/package/hS3> is a Haskell library for S3, which git-annex uses. It does not support HTTPS. I'm sure its author would appreciate help, or maybe even just gentle motivation.
+
+FWIW, I think that S3's authorization is designed to be pretty secure even over an un-encrypted transport.
+It uses HMAC to sign the request with your AWS credentials securely, and includes a date that is hopefully used to avoid replay attacks.
+"""]]
-- 
cgit v1.2.3