At 10/29/2004 07:59 AM, Max Bowsher wrote:
>Perhaps SSL client certificates would suit your purposes? IIUC, they would
>perform more-or-less what you are trying to achieve, without you having to
>write code yourself.
Yes, this might be a good option. I had not known/thought about SSL
*client* certificates. It's something I'll want to look into. A brief bit
of googling did not produce much beyong SSL client certs for things like
Lotus Notes. Got any open-source/free-of-charge type references you can
suggest?
>>In any case, this approach apparently is neither easy nor generally
>>practiced in the config-management/subversion community...which is mostly
>>what I wanted to know, and I now I know, or at least have some sort of
>>initial "temperature" reading on this stuff.
>
>Subversion generally delegates complicated authn/authz to Apache, because
>it is a large flexible pre-existing base of code in this area.
>
>Would an encrypting filesystem combined with SSL client certs provide
>something near enough to your goal?
I think so, and I very much appreciate your suggesting this alternative. I
am checking into this alternative for my linux-based system(s).
>Because that is a solution that could be assembled from "off-the-shelf"
>components, using unmodified Subversion code.
Yes, that does seem like the way to go after seen your comments, thought
about this, and done a little more web research (a classic case of
presuming a solution to my problem only to find other, alternative, better
ways to skin the cat).
So far, this seems to be the most-promising link:
http://www.linux.com/howtos/Cryptoloop-HOWTO/index.shtml
Any other pointers or suggestions? Suggested communities?
I may hang around usenet = sci.crypt if I get serious. I'd be interested
in any web-forum communities anybody might know, too (as in
phpBB/vBulletin-look-alike web forums).
Finally: Any other ways to potentially solve my problem of securing
confidential data while still distributing it easily over the web?
-Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Oct 29 23:00:35 2004