Re: Sander, we're planning SSL on svn.collab.net soon...

From: Bernd Walter <ticso_at_cicely5.cicely.de>
Date: 2002-08-14 00:14:42 CEST

On Tue, Aug 13, 2002 at 01:11:52PM -0700, Greg Stein wrote:
> On Tue, Aug 13, 2002 at 02:30:59PM -0500, Karl Fogel wrote:
> > Timothee Besset <ttimo@idsoftware.com> writes:
> > > I suppose you will want to have the SSL certifcate signed by a
> > > certificate authority and you don't want to sign it yourself?
> >
> > Actually, we're doing this more to help people get around
> > uncooperative proxies than for real security.
>
> And a verifiable certificate is for *authentication*, not for encryption. We
> can self-sign a certificate and get the same level of strong encryption. So
> we *will* have "real security" in the sense of "real encryption."
>
> We just won't be using the associated certificate for authenticating that
> we're talking to the "right" server.

The client is currently not verifying neither the certificate nor
the common name so there is no win in having an offical certificate.

-- 
B.Walter              COSMO-Project         http://www.cosmo-project.de
ticso@cicely.de         Usergroup           info@cosmo-project.de
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Wed Aug 14 00:15:49 2002

This message: [ Message body ]
Next message: Timothy Reaves: "SVN & ssl"
Previous message: Shay Harding: "Re: OPTIONS request failed error"
In reply to: Greg Stein: "Re: Sander, we're planning SSL on svn.collab.net soon..."
Next in thread: David Summers: "Re: Sander, we're planning SSL on svn.collab.net soon..."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]