[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [Fwd: Re: Subversion + SSL + Client Certificate Authentication]

From: <kfogel_at_collab.net>
Date: 2003-08-12 06:32:15 CEST

David Waite <mass@akuma.org> writes:
> The quick description:
>
> Remove the "ssl-ignore-host-mismatch" boolean from the servers config,
> replace it with a "ssl-override-cert-hostname" string which specified
> which hostname is being overridden. It is more specific, and prevents
> me from coming along with any valid cert and doing a man-in-the-middle
> attack.

I think to truly understand this, I'll need to ponder more deeply on
certs and man-in-the-middle attacks (maybe Ben can enlighten me
tomorrow). But +1 on tossing whatever changes you feel are
appropriate into the branch.

Since we're about to merge the branch into trunk (for later
rebranching), let us know whether your change should go into this
first merge, or wait till later merge. (No need to wait on committing
it to the branch either way, of course.)

-K

> kfogel@collab.net wrote:
>
> >David Waite <mass@akuma.org> writes:
> >
> >>How does everyone feel about me tossing this change in as part of the
> >>SSL changes in the neon-0.24 branch, perhaps as an
> >>ssl-override-cert-hostname option?
> >>
> >
> >I didn't understand what it's for, from the context below. (Sorry, am
> >I just being dense?)
> >
> >-K
> >
> >
> >>-------- Original Message --------
> >>Subject: Re: Subversion + SSL + Client Certificate Authentication
> >>Date: Tue, 12 Aug 2003 00:49:48 +0200
> >>From: Tobias Ringström <tobias@ringstrom.mine.nu>
> >>To: Lübbe Onken <L.Onken@rac.de>
> >>CC: 'Chris Croome' <chris@webarchitects.co.uk>, Subversion Users
> >><users@subversion.tigris.org>
> >>References: <E07FABBCC6C6D31199270050DA5F215E5244AD@NEPTUN>
> >>
> >>
> >><snip>
> >>
> >>While this is possible, it really cripples the security that SSL is
> >>supposed to give you. I totally agree with Mukund here, and I do not
> >>like that option. An slightly more acceptable option would be:
> >>
> >> ssl-cert-hostname = wrong.hostname.com
> >>
> >>This option would allow that specific hostname and not any host
> >>name. This way you will know if something bad(TM) happens. With
> >>ssl-ignore-host-mismatch you will not see a thing. The main problem
> >>with ssl-cert-hostname is that it does not exist, though. :-)
> >>
> >
> >

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Aug 12 07:12:37 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.