[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Any progress with svnserve.conf encryption? (was: Re: using (or coding support for) encrypted passwords)

From: Dave_Thomas mailing lists <davelist_at_peoplemerge.com>
Date: 2006-12-07 20:03:45 CET

I'll take this up with my team. I don't see a problem other than the fact
that we're going to need to move our system into production in the coming
months. Prerelease code + production system = a bad idea.

Any rough ETA on 1.5?

Dave

On 12/6/06, Ben Collins-Sussman <sussman@red-bean.com> wrote:
>
> Maybe Dave Thomas would like to deploy our trunk code, as an early
> tester of svnserve-SASL? :-)
>
>
> On 12/6/06, Vlad Georgescu <vgeorgescu@gmail.com> wrote:
> > On 12/6/06, Dave_Thomas mailing lists <davelist@peoplemerge.com> wrote:
> > > Hi,
> > >
> > > I see recent active discussions. Has a SASL-enabled server been
> > > implemented?
> >
> > Yes, support for Cyrus SASL authentication is already integrated into
> > Subversion /trunk, and will hopefully make it into the next minor
> > release (1.5.0). Cyrus SASL supports several password-checking
> > mechanisms that use encrypted passwords, such as:
> >
> > - GSSAPI (Kerberos)
> > - authentication mechanisms that use non-plaintext secrets, such as
> > OTP (One-time Passwords) or SRP (Secure Remote Password)
> > - PAM, /etc/shadow (however this would also require SSL support,
> > otherwise the password _transmission_ wouldn't be secure)
> >
> > --
> > Vlad
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
> > For additional commands, e-mail: dev-help@subversion.tigris.org
> >
> >
>
Received on Thu Dec 7 20:04:14 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.