[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: cert caching touch-ups

From: Tobias Ringström <tobias_at_ringstrom.mine.nu>
Date: 2003-09-23 22:22:26 CEST

Branko Čibej wrote:

>Let's not forget that Subversion is more than the command-line client. I
>can easily imagine that a GUI will run a lot longer. I'd hesitate to
>tweak a library function's behaviour only to better support the command
>line client.
>
>
I'm not sure exactly what you object to. Do you object to the whole SSL
server certificate permanent trusting mechanism, or only the fact that
the user can trust a certificate that has an invalid date or hostname?
Adding the possibility to trust certs with invalid date and hostname is
only a few lines of code, and it's something that can benefit all kinds
of clients. Another advantage is that if a cert is permanently trusted
in one client, it will be trusted in another client as well, which makes
sense, IMHO.

Or did I miss the point completely?

/Tobias

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Sep 23 22:23:23 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.