Daniel Rall wrote:
>"Sander Striker" <striker@apache.org> writes:
>
>>>"Sander Striker" <striker@apache.org> writes:
>>>
>>>>[auth methods]
>>>> - anonymous (http and https)
>>>> - user/passwd (http and https)
>>>> - client cert (https)
>>>>
>>>Sometimes multiple layers of authentication are desired (i.e. both
>>>user/password and certs).
>>>
>>AFAIK this is possible to do in apache (the example you provide).
>>
>>I don't see this as desired though. A cert should be enough,
>>it identifies and authenticates the user. Can you give me an
>>example of where it isn't (with subversion in mind)?
>>
>
>When customer requirements dictate otherwise (one could argue that
>multilayer authentication is theoretically more secure).
>
There are all sorts of crazy security models out there, and redundancy
is typically associated with more security. We can't anticipate the
methods that we'll need to use down the road. As an example of something
orthogonal to our ways of thinking, what about SecurID (time-based
authentication card)?
>
>Personally, certs would be secure enough for me. However, IMHO the
>ability to implement multi-layer authentication should be supported
>for situations where layering is desired.
>
As Ben said, if we handle authentication as a chain of one or more
methods, that should take care of all the weird cases, and gracefully
handle the normally expected ones as well.
--mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:36:39 2006
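The chain Mark describes (authentication as a sequence of one or more methods, with the ordinary cases falling out of the same mechanism as the "weird" ones) can be sketched directly. The following is an added example, not Subversion's svn_auth code and not from any participant in the thread: each method votes allow / deny / abstain, and two combinators express the two policies discussed above, "any one of these is enough" versus "every configured layer must pass". The user database, the names alice/bob, the salts and secrets are constructed for the example, and the time-based code is a simplified HMAC stand-in for a SecurID-style token, not RSA's algorithm.

```python
"""Chained authentication: methods vote ALLOW / DENY / ABSTAIN and a chain
policy combines the votes. Added illustration, not Subversion's svn_auth."""
import hashlib
import hmac
import struct
import time
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

ALLOW, DENY, ABSTAIN = "allow", "deny", "abstain"
Verdict = Tuple[str, Optional[str]]        # (result, authenticated principal)
Method = Callable[["Request"], Verdict]


@dataclass
class Request:
    https: bool = False
    user: Optional[str] = None
    password: Optional[str] = None
    client_cert_cn: Optional[str] = None   # CN of a cert the TLS layer already validated
    token: Optional[str] = None            # one-time code from a time-based token


def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user database for the example (hypothetical users and secrets).
USERS = {
    "alice": {
        "salt": b"salt-alice",
        "pw_hash": _hash_pw("correct horse", b"salt-alice"),
        "cert_cn": "alice",
        "token_secret": b"0123456789abcdef0123",
    }
}


def anonymous(req: Request) -> Verdict:
    return ALLOW, "anonymous"


def user_password(req: Request) -> Verdict:
    if req.user is None or req.password is None:
        return ABSTAIN, None
    rec = USERS.get(req.user)
    # Hash even for unknown users so response time does not reveal which names exist.
    salt = rec["salt"] if rec else b"dummy-salt"
    expected = rec["pw_hash"] if rec else _hash_pw("", b"dummy-salt")
    ok = hmac.compare_digest(_hash_pw(req.password, salt), expected)
    return (ALLOW, req.user) if ok and rec else (DENY, None)


def client_cert(req: Request) -> Verdict:
    if not req.https or req.client_cert_cn is None:
        return ABSTAIN, None               # client certs only exist on https
    for name, rec in USERS.items():
        if rec["cert_cn"] == req.client_cert_cn:
            return ALLOW, name
    return DENY, None


def time_code(secret: bytes, now: float, step: int = 60) -> str:
    """Simplified SecurID-style code: 6 digits derived from HMAC(secret, time step).
    A stand-in for the example, not RSA's proprietary algorithm."""
    mac = hmac.new(secret, struct.pack(">Q", int(now) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return f"{code % 1_000_000:06d}"


def make_token_method(now_fn: Callable[[], float] = time.time) -> Method:
    def token(req: Request) -> Verdict:
        if req.user is None or req.token is None:
            return ABSTAIN, None
        rec = USERS.get(req.user)
        if not rec:
            return DENY, None
        now = now_fn()
        for drift in (0, -60):             # accept the previous step to absorb clock skew
            if hmac.compare_digest(time_code(rec["token_secret"], now + drift), req.token):
                return ALLOW, req.user
        return DENY, None
    return token


def require_all(methods: List[Method]) -> Method:
    """Multilayer policy: every layer must ALLOW and they must agree on who the user is.
    A layer that abstains (e.g. cert required but connection is plain http) is a failure."""
    def chain(req: Request) -> Verdict:
        principal = None
        for m in methods:
            result, who = m(req)
            if result != ALLOW or (principal is not None and who != principal):
                return DENY, None
            principal = who
        return ALLOW, principal
    return chain


def first_of(methods: List[Method]) -> Method:
    """Fallback policy: the first method that does not abstain decides."""
    def chain(req: Request) -> Verdict:
        for m in methods:
            result, who = m(req)
            if result != ABSTAIN:
                return result, who
        return DENY, None
    return chain


if __name__ == "__main__":
    lenient = first_of([client_cert, user_password, anonymous])
    strict = require_all([client_cert, user_password])
    print(lenient(Request()))
    print(strict(Request(https=True, client_cert_cn="alice", user="alice", password="correct horse")))
    print(strict(Request(https=True, client_cert_cn="alice")))
```

The two policies compose: `first_of([require_all([client_cert, make_token_method()]), user_password])` expresses "cert plus token, or else a password", and a deployment that wants certs alone simply configures `first_of([client_cert])`. The abstain vote is what keeps the chain honest: in `require_all` it counts as a failed layer rather than a skipped one, so a required cert layer cannot be bypassed by connecting over plain http.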