[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Change default "store-passwords" policy to "no"

From: Justin Erenkrantz <justin_at_erenkrantz.com>
Date: 2007-10-11 21:40:42 CEST

On Oct 11, 2007 12:10 PM, Jack Repenning <jrepenning@collab.net> wrote:
> Tangenting back off the original proposal, seems like it would be a
> far more useful investment of time to enable encrypted storage on
> *nix when OpenSSL is available.

I don't think you could even design a truly secure encrypted storage
with OpenSSL that doesn't require prompting the user for a password
every time or have a long-lived process that knows the store's
password (which requires the password once per that process). At
best, you can create an agent daemon that communicates over IPC (like
ssh-agent); but that's been discussed for years and not a single soul
has ever deemed it worth implementing.

Note that I'm very very much against a 'fake' crypto approach being
stored on disk. -- justin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 11 21:40:53 2007

This is an archived mail posted to the Subversion Dev mailing list.