Karl Fogel <kfogel_at_red-bean.com> wrote:
> Duncan Booth <duncan.booth_at_suttoncourtenay.org.uk> writes:
>> That isn't the only option. For example you could store a hash
>> locally and transfer a hash of the hash. That way you still aren't
>> sending the stored value across the network (and you can use a
>> challenge-response system to ensure the value which is sent is
>> different every time) but if the stored password is leaked the
>> original plaintext password (which may be being used for other
>> systems too) isn't compromised.
>
> But then the stored hash becomes, effectively, the plaintext password,
> and we are still storing it locally.
>
> (Work it out, you'll see what I mean.)
Phil Marek understood my point: access to the Subversion repository is
neither more nor less secure than before, but compromising the hashed
password used by Subversion would no longer compromise other systems where
the same plaintext password was being used.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-04-07 13:13:10 CEST
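The two schemes argued over in this thread, as an added example that is not part of any message above and is not Subversion's own code. Scheme A is the assumed baseline: the server keeps the plaintext and uses it as the key of a nonce-based challenge-response. Scheme B is Duncan's proposal: the server keeps only H(salt, password) and uses that hash as the challenge-response key, so the stored value never crosses the wire and each exchange differs. A second, unrelated service that stores its own salted hash of the same password stands in for "other systems". Server, respond, run_scenario and the SHA-256/HMAC choices are this example's own constructions, not anything from the thread.

```python
"""Constructed comparison of two challenge-response credential stores
(added example; hypothetical helpers, not Subversion code)."""
import hashlib
import hmac
import secrets


def stored_hash(password, salt):
    # Server-side credential in scheme B.  A real deployment would use a
    # slow KDF (PBKDF2, scrypt, argon2); plain SHA-256 keeps the example short.
    return hashlib.sha256(salt + password.encode()).digest()


class Server:
    """One service holding a per-user secret; verifies HMAC(secret, nonce)."""

    def __init__(self, name, secret, salt):
        self.name = name
        self.secret = secret      # scheme A: plaintext bytes; scheme B: stored_hash()
        self.salt = salt
        self._nonce = None

    def challenge(self):
        # Fresh nonce per attempt, so the wire value differs every time.
        self._nonce = secrets.token_bytes(16)
        return self._nonce, self.salt

    def verify(self, response):
        expected = hmac.new(self.secret, self._nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def respond(secret, nonce):
    """Client side: HMAC over the nonce, keyed with the scheme's secret."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()


def login_with_password(server, password, scheme):
    """Honest client: derives the per-scheme secret from the plaintext."""
    nonce, salt = server.challenge()
    secret = password.encode() if scheme == "A" else stored_hash(password, salt)
    return server.verify(respond(secret, nonce))


def login_with_leaked_secret(server, leaked):
    """Attacker who read the server's credential file and replays it as the key."""
    nonce, _ = server.challenge()
    return server.verify(respond(leaked, nonce))


def run_scenario(scheme):
    """Returns what a leak of svn's stored credential buys the attacker."""
    password = "correct horse battery staple"          # constructed sample
    svn_salt, other_salt = secrets.token_bytes(8), secrets.token_bytes(8)
    # The unrelated service always stores its own salted hash of the same password.
    other = Server("other", stored_hash(password, other_salt), other_salt)
    svn_secret = password.encode() if scheme == "A" else stored_hash(password, svn_salt)
    svn = Server("svn", svn_secret, svn_salt)

    leaked = svn.secret   # attacker reads the server-side password store
    results = {
        "honest_login": login_with_password(svn, password, scheme),
        # Karl's point: whatever svn stores is a password-equivalent for svn.
        "leak_opens_svn": login_with_leaked_secret(svn, leaked),
    }
    # Duncan's point: in scheme A the leak IS the plaintext, so it works
    # elsewhere; in scheme B it is a hash under svn's salt, which the other
    # service neither stores nor accepts as a key.
    if scheme == "A":
        results["leak_opens_other"] = login_with_password(other, leaked.decode(), "B")
    else:
        results["leak_opens_other"] = login_with_leaked_secret(other, leaked)
    return results


if __name__ == "__main__":
    for scheme in ("A", "B"):
        print(scheme, run_scenario(scheme))
```

Running it shows both schemes give the honest client access and both let a holder of the leaked server-side value into svn, which is Karl's objection; only scheme B stops that leaked value from opening the other service, which is the gain Duncan and Phil Marek describe.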