I was thinking about this, even though, I have never looked at the
code. It seems to me that the server is much easier to secure than the
individual clients, so if the symmetric key were kept on the server and
was requested before each command that accessed the server, it could be
used to decrypt the authentication cache before executing the real
command. This would make the command line client pretty secure so long
as it never cached the symmetric key locally. The server could generate
real the key out of a config file when it launched. I am not sure how
feasible this is, or if you have already thought of it, just wanted to
suggest it, I also think it would keep Security Guy happy.
- Paul
On Aug 25, 2004, at 1:24 PM, <kfogel@collab.net> wrote:
> Paul Ossenbruggen <paul.ossenbruggen@convoii.net> writes:
> > Request:
> > That in a new version, in the not too distant future, that the auth
> > directory is encrypted by svn. I mean, it really cool that, we have
> > all these SSL capabilities in svn and this would be the last chink
> in
> > the armor.
>
> Encrypt it according to what key? A key that the user would then have
> to type in in order to decrypt the data? How inconvenient... Let's
> cache the key...
>
> You see where this leads.
>
Received on Sat Aug 28 05:06:22 2004