svnserve TLS support?

From: Wesley J. Landaker <wjl_at_icecavern.net>
Date: 2006-04-26 16:20:17 CEST

Hi folks,

I see issue #1144 about integrating SASL into svnserve for authentication.
Has anyone considered also supporting TLS to allow security for the entire
svnserve connection, on par with what is provided currently for https?

Some advantages of having svnserve support TLS upgrading:
  * Works well with SASL, used in imaps, smtps, xmpp, ldap, etc.
  * Provides consistent transport security (vs. using SASL alone)
  * TLS is a draft internet standard that is already widely deployed.
  * Open source TLS libraries available, compatible with Subversion license:
    * GNU TLS <http://www.gnu.org/software/gnutls/> is LGPL'd.
    * OpenSSL <http://www.openssl.org/> is under an Apache-style license.
  * Doesn't require an extra IANA port (vs. using straight SSL)
    * (Since we should, as recommended, use an upgrade-to-TLS mechanism.)

Anyway, just wondering if anyone else has considered this, and/or if anyone
is interested in working on this. =)

Also, as a separate but related issue, it would also be nice to support HTTP
TLS upgrading when using http (RFC 2817); I don't think this is already
supported, but I haven't checked.)

-- 
Wesley J. Landaker <wjl@icecavern.net> <xmpp:wjl@icecavern.net>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2

application/pgp-signature attachment: stored

Received on Wed Apr 26 16:22:09 2006

This message: [ Message body ]
Next message: Julian Foad: "Re: [PROPOSAL] Issue 823 - svn checkout a single file"
Previous message: John Peacock: "Re: svn commit: r19451 - trunk/subversion/tests/cmdline"
Next in thread: Michael Sweet: "Re: svnserve TLS support?"
Reply: Michael Sweet: "Re: svnserve TLS support?"
Reply: Max Bowsher: "Re: svnserve TLS support?"
Reply: Marcus Rueckert: "Re: svnserve TLS support?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]