RE: Re: Cached credentials decrypted client or server?

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Fri, 8 Oct 2010 11:43:27 -0400

>
> > On Thu, Oct 7, 2010 at 13:17, Aaron McIver
> <aaron.mciver_at_gmail.com> wrote:
> > > The stored auth credentials, are those decrypted client side or
> server side?
> >
> > They encrypted & decrypted locally when accessed by the client to
> > communicate with the server.
> >
> > They are sent to the repository for authentication encrypted or
> > obfuscated if you are using an access/authentication method which
> > supports/requires it - digest authentication over HTTP, HTTPS,
> SASL
> > with svnserve, etc.
>
> You say they are encrypted/decrypted locally...but then you say
> they are sent to the server encrypted? Why would the client decrypt
> them if they are doing no validation?
>
> I'm confused.

The client encrypts/decrypts locally. However, some protocols will encrypt it over the wire.

At least, that is my understanding of it.

(please don't top post)

BOb

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2669338

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-10-08 17:43:39 CEST

This message: [ Message body ]
Next message: chroyer_at_comcast.net: "Re: 1.6.10 post-commit client hook fails when only deleting folder"
Previous message: Aaron McIver: "RE: Re: Re: Cached credentials decrypted client or server?"
In reply to: Aaron McIver: "RE: Re: Cached credentials decrypted client or server?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]