On Fri, Aug 18, 2017 at 10:44:04PM +0800, Alex Vong wrote:
> It seems julia had merge the mbedtls patches, so they should be working:
> 
>   https://github.com/JuliaLang/julia/pull/22614
> 
> Should we also adopt the patches?

Personally, I think it depends on the advice of the libgit2 team. We
shouldn't add new TLS backends without being very careful that they work
properly.

I've seen many cases where TLS seemed to work but, upon examination,
turned out to not offer any security at all.

Currently, TLS in `guix pull` is the fundamental security mechanism in
Guix, so we must be very careful.