Client side password safety (was: storing user passwords in non-cleartext form in password-db file)

From: John Rousseau <JRousseau_at_novell.com>
Date: 2004-10-25 19:28:49 CEST

Are there plans for implementing a secure client side storage mechanism?
Something along the lines of ssh-agent would be ideal.

We would love to back our subversion apache instance with Novell's
corporate LDAP directory for authentication, but the presence of cleartext
passwords on the client prevents us from doing this.

In Max's previous post he states that using http[s]:// helps solve this
problem, but unless we use SSL/TLS with client certificates, I don't see
how.

-John

-- 
----------------------------------------------------------------
John Rousseau                               JRousseau@novell.com
Novell, Inc.                               http://www.novell.com
----------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Received on Mon Oct 25 19:29:33 2004

This message: [ Message body ]
Next message: Eric Gillespie: "Re: storing user passwords in non-cleartext form in password-db file"
Previous message: James FitzGibbon: "RE: umask problem with server"
Next in thread: Max Bowsher: "Re: Client side password safety (was: storing user passwords in non-cleartext form in password-db file)"
Reply: Max Bowsher: "Re: Client side password safety (was: storing user passwords in non-cleartext form in password-db file)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]