[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] don't store plain-text passwords by default

From: Stefan Sperling <stsp_at_elego.de>
Date: Fri, 18 Apr 2008 15:37:34 +0200

On Thu, Apr 17, 2008 at 09:08:31PM -0700, Eric Gillespie wrote:
> Stefan Sperling <stsp_at_elego.de> writes:
> > People have been complaining about this forever. I really think we should
> > finally start listening to our users. I realise that many on this list
> I'm mostly staying out of this, but I can't let this comment go
> by. The users who complain about this may be vocal, but I see no
> evidence they're not just a loud minority.

They may be a vocal minority compared to the rest of the user base.

But I don't think they a very few. I cannot provide exact figures,
but neither can you. I believe that many people who don't like the
current behaviour don't even bother posting their thoughts to our lists,
they probably just look into the docs, think "oh why do have to tell it
NOT to store my password", go on to do so, and forget about it.

I have never seen anyone post "please keep storing plain text passwords
by default at all costs." Someone has posted "I will tell svn to store
my password if this patch gets applied" to this thread. This is fine.
That's what the feature is for. If there's a concious decision involved,
the goal has been met.

> Heck, I don't even
> think they're the loudest minority; that honor goes to those
> seeking "true tags", whatever those may be.


Stefan Sperling <stsp_at_elego.de>                 Software Developer
elego Software Solutions GmbH                            HRB 77719
Gustav-Meyer-Allee 25, Gebaeude 12        Tel:  +49 30 23 45 86 96 
13355 Berlin                              Fax:  +49 30 23 45 86 95
http://www.elego.de                 Geschaeftsfuehrer: Olaf Wagner

  • application/pgp-signature attachment: stored
Received on 2008-04-18 15:36:12 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.