[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

reality check: additional access mechanism

From: Greg Stein <gstein_at_lyra.org>
Date: 2002-08-31 01:37:50 CEST

This thread has been quite wonderful, in terms of showcasing different
policies, security environments, etc. And for fleshing out some of the
different needs of the (potential) user community out there.

However... let's throw a bit of reality into the mixture here:

* SSH tunneling and ra_pipe is a valid way to have a client talk to the
  server. I don't think anybody has actually argued against this fact, and
  our lack of an ra_pipe isn't meant as a statement against the model.

* A good portion of the active developers and contributors believe that
  ra_dav and HTTP over SSL is at least as good, from a security standpoint,
  as the SSH-tunneled scenario. It uses a different security infrastructure
  (the HTTP/SSL infrastructure vs SSH infrastructure), but they appear
  reasonably equivalent from a functional standpoint.

* Rather than develop a new protocol for ra_pipe, and a lot of client and
  server code for handling that protocol, the developers chose to use
  WebDAV, Neon, and Apache. Thus, we have concentrated on ra_dav.

* None of the current developers is actively working on ra_pipe, nor plans
  to before the 1.0 release. A couple devs are doing some part time work on
  ra_pipe, as they have time/inclination. It is unknown whether that will be
  available at 1.0 release time (and if so, whether we'd incorporate it into
  the base patch, or make it available as some kind of "experimental" patch;
  depends a lot on its quality level, of course, and when 1.0 is finally

I'd kind of summarize as, "yup. fine idea. nobody has worked on it in the
past, nor plans to before 1.0."

We can sit around and talk up one mechanism, and down the other, but it
isn't going to change the basic facts of the development situation. Further,
it is recognized that this will result in fewer people using Subversion
because of their specific security requirements/infrastructure. However, if
people want to try to raise that as "an issue", then the simple response is
that we recognize it and we are (implicitly) fine with fewer users. If
somebody *wasn't* fine with it, then you would see more activity on ra_pipe.

Personally, I don't mind the reduced number of initial users. In the long
run, they'll become Subversion users. It is just a matter of time and a
simple matter of programming.

All Your Base Belong To Us,

Greg Stein, http://www.lyra.org/
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Aug 31 01:32:54 2002

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.