Quoth Ryan Schmidt <mailto:subversion-2005@ryandesign.com>:

> Just to set the record straight about Apache: .htpasswd files do not
> use base64 encoding. They use md5 hashing by default on Windows,
> Netware and TPF, and crypt encryption on all other operating systems,
> or you can also use sha hashing. None of these are reversible.

Interesting. The last time I recall modifying an .htpasswd file
directly it *was* using base64. That was several years ago, though.

Well, there's a need for Apache to use non-reversible encoding for
passwords, because .htpasswd files tend to be in directories visible by
many people (especially in a shared hosting environment). That doesn't
hold for svnserve's configuration files.

The reason why I suggested base64 in particular is that if a reversible
algorithm is used then the changes can be made solely on the server
side, without needing to alter clients in any way (which makes life
simpler). And since (as I understand it) SVN already has a secure
challenge-response algorithm in place, this won't compromise security.

If you use something irreversible then every client will have to be
modified to use the obfuscated version as the root secret (or SVN's
challenge code will have to be changed), which is a much more serious
undertaking.

And since we've already established that you can't do anything to stop
an untrustworthy admin from doing evil, then IMHO an irreversible
algorithm provides no advantage over a reversible one.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 16 23:13:24 2005
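An added illustration of the reversible-vs-irreversible argument in the message above. This is example code, not from the thread or from Subversion; it assumes a CRAM-MD5 style HMAC-MD5 challenge-response standing in for "SVN's challenge code", and a constructed password entry rather than svnserve's real file format.

```python
import base64
import hashlib
import hmac
import os

# Constructed sample password entry with the password base64-obfuscated, as the
# thread proposes for svnserve. This is NOT svnserve's real file format.
STORED_B64 = {"harry": base64.b64encode(b"harryssecret").decode()}


def recover_plaintext(user: str) -> bytes:
    """Base64 is an encoding, not a hash: anyone who can read the file gets
    the password back. That is why .htpasswd cannot store passwords this way."""
    return base64.b64decode(STORED_B64[user])


def client_response(secret: bytes, challenge: bytes) -> str:
    """Client side of an HMAC-MD5 challenge-response (CRAM-MD5 style, assumed
    here to stand in for the challenge code the thread refers to)."""
    return hmac.new(secret, challenge, hashlib.md5).hexdigest()


def verify_reversible(user: str, challenge: bytes, response: str) -> bool:
    """Server with reversible storage: it recovers the plaintext, so it can
    check a response from an unmodified client that keyed with the password."""
    expected = client_response(recover_plaintext(user), challenge)
    return hmac.compare_digest(expected, response)


def verify_irreversible(stored_hash: bytes, challenge: bytes, response: str) -> bool:
    """Server with irreversible storage: it holds only the hash, so it can only
    check responses keyed with that hash, i.e. from a modified client."""
    expected = client_response(stored_hash, challenge)
    return hmac.compare_digest(expected, response)


def demo() -> tuple:
    challenge = os.urandom(16)
    password = recover_plaintext("harry")
    legacy = client_response(password, challenge)
    # Constructed irreversible store: SHA-256 of the password becomes the secret.
    stored_hash = hashlib.sha256(password).hexdigest().encode()
    modified = client_response(stored_hash, challenge)
    return (
        verify_reversible("harry", challenge, legacy),          # True: no client change
        verify_irreversible(stored_hash, challenge, legacy),    # False: old client fails
        verify_irreversible(stored_hash, challenge, modified),  # True: modified client only
    )


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```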