On Wednesday 26 April 2006 09:01, Michael Sweet wrote:
> Wesley J. Landaker wrote:
> > ...
> > Also, as a separate but related issue, it would also be nice to support
> > HTTP TLS upgrading when using http (RFC 2817); I don't think this is
> > already supported, but I haven't checked.)
>
> There *are* issues with HTTP Upgrade that may be non-trivial to deal
> with in Neon and Serf; basically, server-initiated upgrades can
> happen too late to provide protection of sensitive information, so
> you need to tweak the client code a little to work around it...
>
> We use the "Expect: 100-continue" header in CUPS to get the 426
> response before sending the request body...
So, assuming this support was desired, is that something that would/should
be changed in Subversion, or in Neon, or both? I understand what you're
saying about server-initiated upgrades, I'm just not very familiar with how
much of this is controlled by libraries (i.e. Neon) and how much by
Subversion itself (i.e. libsvn_ra_dav).
--
Wesley J. Landaker <wjl@icecavern.net> <xmpp:wjl@icecavern.net>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094 0097 F0A9 8A4C 4CD6 E3D2
- application/pgp-signature attachment: stored
Received on Wed Apr 26 17:22:32 2006