On Wed, 2005-01-05 at 15:39, Ben Collins-Sussman wrote:
> But we'd better be ready for a slew of newbies asking us how to make
> subversion stop asking for their password. I predict it will jump into
> the top 10 FAQs on the users@ list.
The more disturbing scenario is that people (or distributions) stay at
svn 1.1 because of a perceived decrease in the usability of 1.2.
I am not gung-ho about changing the default at all. My reasoning is
that application-specific passwords are fairly bad security devices to
start with. Failing to cache them by default would be trying to make up
for their weaknesses by imposing policies which users won't tolerate.
We wouldn't be increasing practical security very much and we'd be
pissing off users more.
I am particularly concerned about changing the default in 1.x, because
of the potential for our users to see it as a downgrade.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jan 5 22:18:39 2005