<rbb@rkbloom.net> writes:
> That's fine, but I won't implement it. I disagree with this solution, and
> you are making a rather large assumption about being able to sniff the
> network. I only use SVN over SSL, because of the ability to sniff the
> password off the wire. Also, there is the ability to implement digest
> authentication to resolve that problem.
Would you be willing to implement it with the other default (that is,
the conservative one, which you prefer?) I won't pretend that the
list might not discuss it some more, and later decide to tweak that
default... But that property is true symmetrically of any solution: if
someone implemented default "on" auth caching, and we later decided to
become more conservative, then tweaking it to "off" would be a two
second change as well.
In other words, the main portion of this task is *not* the choosing of
the default, and anyway the default may be changed back and forth N
times before release.
So if you're in general unwilling to implement a feature whose default
behavior might get changed later, well, that's going to rule out a lot
of Subversion work for you, which would be a pity :-(.
Reconsider?
-Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 14 19:05:25 2003