Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)

From: <rbb_at_rkbloom.net>
Date: 2003-01-16 18:07:23 CET

I agree with everything in this message. I will be working on patches to
implement it, but they will come slowly.

On 16 Jan 2003, Karl Fogel wrote:
> .....
> I feel like what I'm saying is not controversial; yet somehow people
> keep coming back with slightly orthogonal responses. Is there
> anything unreasonable in the statement
>
> Subversion should offer at least the same range of
> security/convenience tradeoffs as CVS does.

There is nothing unreasonable in that statement. The only remaining
question is what the default should be, which is where a big portion of
the discussion has been. If we get svn-agent working, then the default
for ra_dav can be to store the password on disk, because we have an easy
way to make auth caching secure. If we don't get svn-agent working, then
the default should be not storing the password on disk, because there is
no easy way to make authentication caching secure. All my opinion of
course.

(Honestly, this conversation got out of hand.)

Ryan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jan 16 17:54:34 2003

This message: [ Message body ]
Next message: rbb_at_rkbloom.net: "Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"
Previous message: Jani Averbach: "Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"
In reply to: Karl Fogel: "Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"
Next in thread: Karl Fogel: "Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"
Reply: Karl Fogel: "Re: Writing svn-agent (Was Re: [PATCH] default to --no-auth-cache)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]