[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [Issue 650] Changed - certificate handling

From: Kevin Pilch-Bisson <kevin_at_pilch-bisson.net>
Date: 2002-04-09 15:57:06 CEST

On Tue, Apr 09, 2002 at 01:57:57PM -0000, issues@subversion.tigris.org wrote:
> + ------- Additional Comments From cmpilato@tigris.org 2002-04-09 06:57 -------
> + Given that SSL without certs earns us a CVS-matching encryption level,
> + assigning this a post-1.0 milestone.
>
This cert handling is required to use SSL properly. We need to be able to
verify that the server cert is valid. For example warn about self-signed
server certs, etc.

Without this cert handling, SSL buys us no security whatsoever (well not much
at least).

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kevin Pilch-Bisson                    http://www.pilch-bisson.net
     "Historically speaking, the presences of wheels in Unix
     has never precluded their reinvention." - Larry Wall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • application/pgp-signature attachment: stored
Received on Tue Apr 9 16:02:48 2002

This is an archived mail posted to the Subversion Dev mailing list.