Re: svn commit: rev 4602 - branches/issue-650-ssl-certs/subversion/libsvn_ra_dav

From: <joe_at_manyfish.co.uk>
Date: 2003-01-29 20:40:45 CET

On Wed, Jan 29, 2003 at 10:41:42AM -0700, David Waite wrote:
Joe Orton wrote:
Hi - these turn off security config options seem to be of dubious
value: ignoring common name mismatches and untrusted CAs both allow MITM
attacks if enabled. I think it's better to require manual intervention
for any cert validation errors.

How often, though? Once per server? Once per ra-hitting command?
Currently it is an option which requires manual override within a
configuration file, and which can (and should) be overridden on a
server-by-server basis. If these are not enabled in the configuration
file, it is always a fatal connection error.

I would say once per ra session: by manual intervention I meant a
prompt in the user interface.

That will probably be a fair amount of work: a good first step would be
to add the config options to load trusted CA certs, and remove the calls
to ne_ssl_set_verify so that a cert verification error is always fatal.

Regards,

joe

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 14 02:24:11 2006

This message: [ Message body ]
Next message: azverkan_at_yahoo.com: "Re: a little off topic: dd webdav client on nt"
Previous message: brane_at_xbc.nu: "Re: Svn client and multiprocessor machine"
Next in thread: mass_at_akuma.org: "Re: svn commit: rev 4602 - branches/issue-650-ssl-certs/subversion/libsvn_ra_dav"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]