> On Fri, Aug 24, 2001 at 03:57:25PM -0400, C. Scott Ananian wrote:
> > On Fri, 24 Aug 2001, Sander Striker wrote:
> > > And, I've been having a little chat with Ben Laurie that is probably
> > > bringing me back to reallity: client certs.
> > >
> > > I guess I will just have to forget about ssh in combination
> with svn :)
> >
> > SSH and client certificates both use public-key cryptography, and (I
> > believe) the actual algorithms to use are selectable in the protocol.
> > Why don't you see if you can write a ssh-public-key to "public"
> > client-cert and ssh-private-key to "private" client-cert converter, with
> > the aim of making it as easy as possibly to do the migration
> (i.e. without
> > requiring another key exchange with the project host)?
>
> Ah. Good idea... that is just the kind of idea I was hoping people would
> come up with.
Yes, that was something on my mind too :)
I'll speak to Ben Laurie again and see if he can explain the details
of the certificate generation process to me. I'll then get started
on such a conversion util (which we could dump in /contrib ?) provided it
is at all possible. In any case I'll report back here.
Greg gave a good insight on the authentication part of my question(s), thx.
As for the authorization part, that's going to work through hooks which
is a 'Good Thing' because it is easily custimizable. Once the protocol
is set for the r/w sentinels (or once you get discussing these) I'll jump
in again ;)
Sander
> Cheers,
> -g
>
> --
> Greg Stein, http://www.lyra.org/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: dev-help@subversion.tigris.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:36:37 2006