Re: cert caching touch-ups

From: Joe Orton <joe_at_manyfish.co.uk>
Date: 2003-09-23 14:56:16 CEST

On Tue, Sep 23, 2003 at 12:29:17PM +0200, Tobias Ringstrom wrote:
> Joe Orton wrote:
> >Yes, quite. On the day that svn.webdav.org presents the funkycode.org
> >certificate, I don't want a prompt, I want a big nasty error message. :)
> >The only way to achieve this is to cache by hostname/port.
>
> So you support the proposal? I'm looking for a +1. :-)

Yes definitely, if it means caching by hostname+port rather than by
fingerprint. The important thing is how to handle the situation above
when the server presents a cert different to that which has been cached,
and to make sure this is a fatal error not a prompt.

Thanks for working on this!

joe

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Sep 23 15:23:58 2003

This message: [ Message body ]
Next message: Ben Collins-Sussman: "Re: svn commit: rev 7129 - trunk/packages/rpm/mandrake-9.1"
Previous message: mark benedetto king: "Re: svn commit: rev 7129 - trunk/packages/rpm/mandrake-9.1"
In reply to: Tobias Ringstrom: "Re: cert caching touch-ups"
Next in thread: Tobias Ringstrom: "Re: cert caching touch-ups"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]