Re: svn_ra.h

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2000-11-29 20:01:01 CET

>> Also, I want Subversion to work over rsh/ssh at some point (unless
>> you can provide neon and apache with authentication mechanisms
>> which have all the nice key management properties of ssh), which
>> means I want the subprocess support anyway.

> Well, I'd think the preferred approach would be to support SSL
> secured mod_dav_svn use.

Note that SSL as currently implemented in the world at large does not
have "all the nice key management properties of ssh." That part was
important.

> This way libsvn_ra_dav is still HTTP proxy happy, and you don't have
> to let ssh through your firewall if you don't have to.

This argument is terrible, incidentally. A firewall which allows HTTP
through is allowing it for the sake of web browsing, not for
Subversion. By making Subversion run over HTTP, we are subverting
that policy, which is a bad thing, not a good thing.

(Note: I am not saying this is a compelling reason to punt our DAV
approach. Just that the firewall issue is a mark against, not a mark
in favor.)
Received on Sat Oct 21 14:36:15 2006

This message: [ Message body ]
Next message: Greg Hudson: "Re: svn_ra.h"
Previous message: Ben Collins-Sussman: "Re: svn_ra.h"
In reply to: Bill Tutt: "RE: svn_ra.h"
Next in thread: Jim Blandy: "Re: svn_ra.h"
Reply: Jim Blandy: "Re: svn_ra.h"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]