[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Sander, we're planning SSL on svn.collab.net soon...

From: David Waite <mass_at_akuma.org>
Date: 2002-08-13 22:21:30 CEST

Greg Stein wrote:

>And a verifiable certificate is for *authentication*, not for encryption. We
>can self-sign a certificate and get the same level of strong encryption. So
>we *will* have "real security" in the sense of "real encryption."
>We just won't be using the associated certificate for authenticating that
>we're talking to the "right" server.
Although I'm sure you realize that encryption doesn't do very much if
you are talking to an intermediary between the client and the 'right'
server :-)

SSL makes sense as long as HTTPS is to get around proxy problems rather
than for security (it doesn't make sense for security since you can do
secure authentication without SSL, and the actual content being sent is
publicly available already)

-David Waite

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Aug 13 22:28:23 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.