Re: [PATCH] default to --no-auth-cache

From: Karl Fogel <kfogel_at_newton.ch.collab.net>
Date: 2003-01-14 00:49:29 CET

Folks, this thread is spiralling down the Infinite Death Trap of
Perfect Technical Correctness :-). Can we just assume this:

Passwords are overwhelmingly likely to be sensitive data, and
usernames are not. There may be times when the username is sensitive,
for some people in some situations, but this is *extremely* rare and
we do not need to optimize our interfaces for it. Furthermore, anyone
who doesn't want to store their username will also not want to store
their password. Therefore there is never any need to control the
username separately.

At this point I've lost track of all the flag/config combinations that
have been proposed. But if Ryan posts a proposal that allows users to

1. Toggle username and password storing together, via a command
line flag and via a config option.

2. Toggle *just* password storing, via a command line flag and via
a config option.

...I will happily +1 it, and encourage you to do the same :-).

(Command line flags always override config, as usual, of course.)

-K

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Jan 14 01:35:28 2003

This message: [ Message body ]
Next message: Sander Striker: "RE: [PATCH] default to --no-auth-cache"
Previous message: rbb_at_rkbloom.net: "Re: [PATCH] default to --no-auth-cache"
In reply to: rbb_at_rkbloom.net: "RE: [PATCH] default to --no-auth-cache"
Next in thread: Sander Striker: "RE: [PATCH] default to --no-auth-cache"
Reply: Sander Striker: "RE: [PATCH] default to --no-auth-cache"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]