[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Error checking out large repository -- illegal padding

From: Andy Helten <andy.helten_at_dot21rts.com>
Date: 2004-07-30 01:55:32 CEST

Ben Collins-Sussman wrote:

> Andy Helten wrote:
>
>>> Read chapter 6 closely... these are separate methods of using svnserve.
>>>
>> I did read it, about 4 times. I guess my assumption was that the
>> svn:// access method did not encrypt the repository _data_ (did not
>> find this explicitly described in the book). Am I wrong here? I
>> understand authentication is secured by CRAM-MD5, but that doesn't
>> imply the subsequent repository transfer is secure. Is it? If not,
>> these access methods are hardly equivalent in terms of security.
>>
>
> You are correct. A client speaking svn:// to an svnserve daemon is
> not speaking over an encrypted link. (The password never travels over
> the network in any form... but the main repository data isn't encrypted.)
>
> I never claimed the two methods were equivalent in terms of security.
> :-) I was just pointing out that one method requires an ssh system
> account, one does not. Encryption is a separate topic.
>

So what am I left with? Here is my situation:
    1) An SVN/Apache/SSL bug is preventing me from checking out my
repository using HTTPS.
    2) I am not comfortable with the insecure transfer of the
repository using svn://
    3) I don't really want to create system accounts for the folks
accessing this repository (i.e. no svn+ssh:// if it requires system
accounts for repository users)

HELP!!!!

Andy

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 30 01:56:01 2004

This is an archived mail posted to the Subversion Users mailing list.