[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Authentication

From: Brian Behlendorf <brian_at_collab.net>
Date: 2001-09-04 18:57:14 CEST

On Tue, 4 Sep 2001, Sander Striker wrote, quoting Daniel Rall:
> > Sometimes multiple layers of authentication are desired (i.e. both
> > user/password and certs).
>
> AFAIK this is possible to do in apache (the example you provide).
>
> I don't see this as desired though. A cert should be enough,
> it identifies and authenticates the user. Can you give me an
> example of where it isn't (with subversion in mind)?

Two-factor auth: something you have (certs) and something you know
(password/phrase). It helps keep things secure in the face of lost
laptops, accidentally revealed passwords, and other edge cases.

        Brian

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:36:39 2006

This is an archived mail posted to the Subversion Dev mailing list.