Re: Sander, we're planning SSL on svn.collab.net soon...

From: David Waite <mass_at_akuma.org>
Date: 2002-08-13 22:21:30 CEST

Greg Stein wrote:

>And a verifiable certificate is for *authentication*, not for encryption. We
>can self-sign a certificate and get the same level of strong encryption. So
>we *will* have "real security" in the sense of "real encryption."
>
>We just won't be using the associated certificate for authenticating that
>we're talking to the "right" server.
>
Although I'm sure you realize that encryption doesn't do very much if
you are talking to an intermediary between the client and the 'right'
server :-)

SSL makes sense as long as HTTPS is to get around proxy problems rather
than for security (it doesn't make sense for security since you can do
secure authentication without SSL, and the actual content being sent is
publicly available already)

-David Waite

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Aug 13 22:28:23 2002

This message: [ Message body ]
Next message: Karl Fogel: "Re: Beginnings of python script for annotate"
Previous message: Branko Čibej: "Re: Beginnings of python script for annotate"
In reply to: Greg Stein: "Re: Sander, we're planning SSL on svn.collab.net soon..."
Next in thread: Greg Stein: "Re: Sander, we're planning SSL on svn.collab.net soon..."
Reply: Greg Stein: "Re: Sander, we're planning SSL on svn.collab.net soon..."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]