[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Moving files around on a https repository

From: Andrew Leeper <me_at_nivenhuh.net>
Date: 2004-11-18 19:43:06 CET

Amazing words from Hiroharu Tamaru(tamaru):
#
#> What confuses me about this, though, is that I have different
#> https virtual hosts that.. work. I'm not arguing the validity of
#> the Apache ssl faq.. I'm just stating why it's odd to me.. ;)
#
#I assume you have the same server key for all your name
#virtual hosts? In that case, httpd-error.log probably
#complains that the server name and the DN of the certificate
#contradicts one another (for at least some of the servers),
#and so could the client browser.

That's correct (on both accounts).

#If you simply want a different namespace I think that's
#fine, but if you want the server authentication to work for
#the general public based on the certificate, it'd be a
#problem. An encryption without server authentication
#probably isn't the kind of security that SSL is designed to
#establish (but users can make their choises, I'd say :) ).

I'm not using this setup for any kind of sensitive data.. So I
suppose falling back to non-SSL isn't too big of a deal
(for svn). Being the paranoid person I am, though, I wanted
to have some layer of protection in place. I always feel
sketchy transmitting any kind of password in the clear. =/

I wish I had multiple ip addresses at my disposal, and I
didn't have buddies on my machine that need to use SSL
vhosts. It'd be much easier to get this going.. ;)

Thanks for the input!

-- 
-NivenHuH
Aim: NivenHuH
Email: me@nivenhuh.net
Web: http://www.nivenhuh.net
Joan of Arc heard voices too.

  • application/pgp-signature attachment: stored
Received on Thu Nov 18 19:43:08 2004

This is an archived mail posted to the Subversion Users mailing list.