Re: New (1.5) feature questions -- things we need to address before a release can happen

On 5/25/07, Vlad Georgescu <vgeorgescu@gmail.com> wrote:
> Mark Phippard wrote:
> > [...]
> > SASL
> > Where is the notes file that explains the feature? What can you do
> > with it? Does it, or does it not support TLS or SSL? Does it work on
> > Windows? What is involved in bulding support for it into the client
> > and server? What happens if client and server do not both have the
> > support compiled in? How does one set it up etc. Given that we are
> > reasonably close to a 1.5 release this information should all be
> > readily available.
>
> I added a file (notes/sasl.txt) in r25148 that I think addresses these
> issues. Reviews are welcome.

Thanks, it is a good document. I do have some questions/comments.

1) What controls which auth mechanisms the client supports? It must
be something about how SASL that the client is using was compiled?

2) It seems like we really need to provide a pre-built library for
Windows. There has been talk about doing this for all our
dependencies which would be a good idea.

3) As I think I understand it, the auth mechanism is not bound to the
back-end store being used? So for example, you could use LDAP as the
user store, and still support the CRAM-MD5 auth mechanism which would
allow older clients to connect using their LDAP credentials? Server
could also offer additional auth mechanisms for the newer clients?

4) Encryption. Is there any other configuration involved, such as
certificates? What exactly is encrypted? The svnserve traffic? Just
the auth traffic? Just the post-auth traffic?

-- 
Thanks
Mark Phippard
http://markphip.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org