Re: RFA: Encrypting auth info

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2005-02-16 17:11:30 CET

On Feb 16, 2005, at 9:29 AM, Branko Čibej wrote:
>>
>> I think creating that interface just goes too far. You can just
>> create a new auth provider which happens to encrypt or decrypt using
>> that fancy Win32 API as it stores/reads things on disk. But, nothing
>> else even needs to be aware of this particular functionality. --
>> justin
>>
> I really disagree with this. I don't want the idea of encrypting
> sensitive data to be specific to one OS, or to a particular auth
> provid configuration .
>

The authn system is designed around the idea of many provider
implementations for managing the same type of credentials.

So the idea of encrypting sensitive data wouldn't be specific to one
OS, it would be specific to one (or a set) of providers. And then a
particular *provider* would be specific to one OS.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Feb 16 17:14:17 2005

This message: [ Message body ]
Next message: Justin Erenkrantz: "Re: RFA: Encrypting auth info"
Previous message: Ben Collins-Sussman: "Re: [BOOK PATCH] Adding missing tag around Application Data"
In reply to: Branko Čibej: "Re: RFA: Encrypting auth info"
Next in thread: Justin Erenkrantz: "Re: RFA: Encrypting auth info"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]