Re: RFC: New authn/authz policy for svn.collab.net

From: Alec Kloss <alec.kloss_at_oracle.com>
Date: 30 Jul 2009 12:14:58 -0500

On 2009-07-30 12:37, C. Michael Pilato wrote:
> Arfrever Frehtes Taifersar Arahesis wrote:
[chop]
> > IMHO anonymous repository access should be still available over SSL connections.
>
> I disagree. Doing this adds unnecessary complication to the configuration
> (some of which is exactly the kind of thing I'm trying to get rid of by
> applying the rules I suggested), unnecessary performance/load penalties to
> the server (why do we want to be doing SSL calculations for anonymous
> accessors?), and all while bringing no discernible benefit to the users.
>

SSL for anonymous access prevents MITM attacks on downloads from the
repository.

-- 
Alec.Kloss_at_oracle.com			Oracle Middleware
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x432B9956

application/pgp-signature attachment: stored

Received on 2009-07-30 19:15:22 CEST

This message: [ Message body ]
Next message: Julian Foad: "Re: issue 3342 - summary of conflicts and skips [was: ... 3432 ...]"
Previous message: Stefan Sperling: "Re: issue 3342 - summary of conflicts and skips [was: ... 3432 ...]"
In reply to: C. Michael Pilato: "Re: RFC: New authn/authz policy for svn.collab.net"
Next in thread: Jeremy Whitlock: "Re: RFC: New authn/authz policy for svn.collab.net"
Reply: Jeremy Whitlock: "Re: RFC: New authn/authz policy for svn.collab.net"
Reply: Julian Foad: "Re: RFC: New authn/authz policy for svn.collab.net"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]