On Mon, Jul 25, 2005 at 02:36:16AM +0200, Branko ??ibej wrote:
> Mark Benedetto King wrote:
> >
> >1.) Credentials caching is insufficient.
> >
> >If we ignore the "first-use" case (where caching obviously loses) on
> >the grounds that it happens infrequently in practice, we are still
> >left with the fact that (except on Windows) many people quite reasonably
> >consider our plain-text credentials caching unacceptable.
> >
> >
> Note that I said "credentials", not "password". Credentials include
> usernames. If we're currently unable to tell the client to cache the
> username but not the password, then by all means let's teach it to do so.
>
It is my impression that --no-auth-cache disables the caching of
all authentication credentials.
> (Oh, and people don't consider plain-text password caching acceptable on
> Windows, either -- that's why Subversion encrypts passwords on Windows
> as of 1.2.0.)
Yes, that is what I was alluding to. I wish we had a better solution
for non-Windows platforms.
>
> >2.) Always accepting --username is insufficient.
> >
> >Okay, I can't argue with this because it /would/ be sufficient, but what
> >I *can* say is that always accepting --username is not necessarily the
> >right thing to do. Should we also always accept --editor-cmd? No,
> >because we have $SVN_EDITOR...
> >
> >
> And I do consider $SVN_EDITOR to be a mistake. Note that we also
> understand $EDITOR and $VISUAL, and that's fine, because they are
> considered standard ways of defining the default editor on Unix.
>
> I'd be much obliged if you'd revert r15393 until we setlle this issue.
>
Done.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Jul 25 18:41:03 2005