[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: rev 4602 - branches/issue-650-ssl-certs/subversion/libsvn_ra_dav

From: <joe_at_manyfish.co.uk>
Date: 2003-01-29 20:40:45 CET

On Wed, Jan 29, 2003 at 10:41:42AM -0700, David Waite wrote:
 Joe Orton wrote:
 Hi - these turn off security config options seem to be of dubious
 value: ignoring common name mismatches and untrusted CAs both allow MITM
 attacks if enabled. I think it's better to require manual intervention
 for any cert validation errors.
 How often, though? Once per server? Once per ra-hitting command?
 Currently it is an option which requires manual override within a
 configuration file, and which can (and should) be overridden on a
 server-by-server basis. If these are not enabled in the configuration
 file, it is always a fatal connection error.

I would say once per ra session: by manual intervention I meant a
prompt in the user interface.

That will probably be a fair amount of work: a good first step would be
to add the config options to load trusted CA certs, and remove the calls
to ne_ssl_set_verify so that a cert verification error is always fatal.



To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 14 02:24:11 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.