
Re: RFC: New authn/authz policy for svn.collab.net

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Thu, 30 Jul 2009 14:21:34 -0400

Stefan Sperling wrote:
> In my opinion, if we can keep the SSL option for anonymous users
> without major effort, let's keep it. It's the only way for anonymous
> users to get at our trunk code securely (releases are already PGP-signed).

My goal was to simplify the configuration while at least offering the kind of
security afforded by other hosting providers. But there isn't even a
consensus across the "big ones": GoogleCode is anonymous HTTP,
authenticated HTTPS; SourceForge.net is HTTPS only; and Tigris.org is HTTP
only (clearly undesirable).

We can go SSL-only (with redirects for non-SSL access so old links don't
break). It means I have to maintain my current workaround for the svn-org's
repository (which wants to be anonymously readable minus some private bits,
authenticatedly read/write all over)[1], but that's not the end of the world.

[1] See http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html

-- 
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2377094

Received on 2009-07-30 20:21:49 CEST

This is an archived mail posted to the Subversion Dev mailing list.
