
Re: Credentials Caching - Security Guy Not Happy

From: Paul Ossenbruggen <paul.ossenbruggen_at_convoii.net>
Date: 2004-08-28 18:34:41 CEST

Good point. I suppose the client could send the username and MAC
address of the computer to the server, and the server could combine the key
with the username so it changes per user per computer. Still may not be
that secure, but better than cleartext; some would say marginally, but
at least it would stop the casual password thief. We would also pass a
security audit where they scan the disk for our passwords in cleartext,
although I am not sure Security Guy would be sufficiently satisfied to
let us use it.

- Paul

On Aug 28, 2004, at 4:34 AM, Foy, Sean wrote:

> So would the server send the key to any anonymous user who asked for
> it, or would you need to authenticate to the server in order to
> retrieve the key?
>
> -----Original Message-----
> From: Paul Ossenbruggen [mailto:paul.ossenbruggen@convoii.net]
> Sent: Friday, August 27, 2004 10:06 PM
> To: kfogel@collab.net
> Cc: Travis P; users@subversion.tigris.org
> Subject: Re: Credentials Caching - Security Guy Not Happy
>
>
> I was thinking about this; even though I have never looked at the
> code, it seems to me that the server is much easier to secure than the
> individual clients, so if the symmetric key were kept on the server and
> was requested before each command that accessed the server, it could be
> used to decrypt the authentication cache before executing the command.
> This would make the command line client pretty secure so long as it
> never cached the symmetric key locally. The server could generate the
> real key out of a config file when it launched. I am not sure how
> feasible this is; just wanted to suggest it.
>
>
> - Paul
>
  
Received on Sat Aug 28 18:36:49 2004
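
The scheme discussed in this thread, as an added sketch (not Subversion code and not written by either poster): a server-held secret is combined with the username and MAC address to give a per-user, per-computer cache key, and the two request handlers contrast the anonymous and authenticated retrieval that Sean asks about. HMAC-SHA256, the function names, the secret and the account table are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed server-side secret; in the thread's proposal the server would
# generate it from a config file at launch.
SERVER_SECRET = b"constructed-demo-secret-not-a-real-key"

# Constructed account table for the authenticated variant (hypothetical).
ACCOUNTS = {"paul": "s3cret-demo"}


def derive_cache_key(username: str, mac: str) -> bytes:
    """Per-user, per-computer key: HMAC-SHA256(server secret, user || mac)."""
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(
        len(part).to_bytes(2, "big") + part
        for part in (username.encode(), mac.lower().encode())
    )
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()


def key_request_anonymous(username: str, mac: str) -> bytes:
    """Key is released to any caller: username and MAC are not secrets,
    so whoever can read the cache file and reach the server gets the key."""
    return derive_cache_key(username, mac)


def key_request_authenticated(username: str, mac: str, password: str) -> bytes:
    """Key is released only after the caller proves who they are.
    In this sketch the proof is the same password the cache would hold,
    so the user has to supply it on every command anyway."""
    expected = ACCOUNTS.get(username, "")
    supplied_ok = hmac.compare_digest(expected.encode(), password.encode())
    if not expected or not supplied_ok:
        raise PermissionError("authentication required to retrieve cache key")
    return derive_cache_key(username, mac)
```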

This is an archived mail posted to the Subversion Users mailing list.
