[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Passwords, Security, and Performance

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: Sun, 02 Nov 2008 14:53:58 -0500

On Sun, 2008-11-02 at 14:37 -0400, Mark Eichin wrote:
> Not to minimize your analysis, but wouldn't any place that takes
> passwords seriously use svn+ssh instead, such that the server never
> sees them (ie. *real* single signon, with Kerberos for example...) and
> to properly delegate security concerns to the people who truly obsess
> over them?

Performance tends to be underwhelming with svn+ssh, at least in svn
1.4.x, because we create so many sessions for each command.

However, I'll echo that "single sign-on" does not mean "single
password." See:


To unsubscribe, e-mail: dev-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: dev-help_at_subversion.tigris.org
Received on 2008-11-02 20:54:17 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.