[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Are http-based password authentications secure?

From: Garrett Rooney <rooneg_at_electricjellyfish.net>
Date: 2006-04-25 00:28:20 CEST

On 4/24/06, Matt England <mengland@mengland.net> wrote:
> Are authentication passwords given to update a repo that is checked out via
> "http://" vs "https://" secure, in the sense that their transmission is
> encrypted?

It depends on how you set up apache. If you use basic auth no, you
need https to encrypt them, if you use digest auth, then yes, they are
encrypted on the wire.

-garrett

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Apr 25 00:29:45 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.