Re: Subversion security design

From: Jonathan S. Shapiro <shap_at_eros-os.org>
Date: 2000-06-27 15:06:55 CEST

> mod_ssl provides us with client certificate authentication, which sounds
> much like what you're doing. We just happen to be using off-the-shelf
> technology that has been widely tested :-)

Yes, but mod_ssl does not provide access controls. Actually, I'm content to
use the very same technology for certificate authentication, though I'll
probably take it directly from the openssl implementation.

> Yes, it is good to plan ahead. But it is also good to just say "this
solves
> the 90% case, I don't care about the other 10%, let's *produce*
something."

As I think you know, I agree with this sentiment. DCMS is mostly
implemented and working.

But speaking purely personally, I also believe that you have the wrong
objective. CVS is quite good at being CVS, and if one is going to undertake
the effort to build a new system, it's worth asking what should that system
really do. We just have different places where we have set the cutlines.

Just to be very clear: I think your cutline is a useful one. In the absence
of DCMS, I would certainly move to subversion over CVS. If both exist, I
suppose I'll just have to see which one is more useful to me. Disagreements
about where the cutline should be are useful disagreements so long as we
don't get religious about them.

shap
Received on Sat Oct 21 14:36:05 2006

This message: [ Message body ]
Next message: Peter Donald: "JavaCVS link"
Previous message: Greg Stein: "Re: Subversion security design"
In reply to: Greg Stein: "Re: Subversion security design"
Next in thread: Peter Donald: "JavaCVS link"
Reply: Peter Donald: "JavaCVS link"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]