[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: RFC: New authn/authz policy for svn.collab.net

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Thu, 30 Jul 2009 14:21:34 -0400

Stefan Sperling wrote:
> In my opinion, if we can keep the SSL option for anonymous users
> without major effort, let's keep it. It's the only way for anonymous
> users to get our at trunk code securely (releases are already PGP-signed).

My goal was simplify the configuration while at least offering the kind of
security afforded by other hosting providers. But there isn't even a
consensus across the "big ones": GoogleCode is anonymous HTTP,
authenticated HTTPS; SourceForge.net is HTTPS only; and Tigris.org is HTTP
only (clearly undesirable).

We can go SSL-only (with redirects for non-SSL access so old links don't
break). It means I have to maintain my current workaround for the svn-org's
repository (which wants to be anonymously readable minus some private bits,
authenticatedly read/write all over)[1], but that's not the end of the world.

[1] See http://blogs.open.collab.net/svn/2007/03/authz_and_anon_.html

-- 
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2377094

Received on 2009-07-30 20:21:49 CEST

This is an archived mail posted to the Subversion Dev mailing list.