
Re: Auth security for 'http://' (without SSL) based access?

From: Andy Levy <andy.levy_at_gmail.com>
Date: 2006-10-07 23:35:52 CEST

On 10/7/06, Matt England <mengland@mengland.net> wrote:
> (My apologies if this is a faq.)
>
> How secure are authentication artifacts (namely logins and passwords)
> during the following commands on a repo that requires login-and-password
> authentication for
>
> svn co http://myrepo.com myrepo
> cd myrepo
> touch a
> svn add a
> svn ci -m "checking new file namd 'a'"
>
> (Note that it's an 'http://' and not a 'https://' (SSL based) access.)
>
> Is the corresponding password sent in clear text? If so, then said
> passwords are quite susceptible to being sniffed, particularly on a wireless
> network (it's debatable how hard/easy this is to do on a non-wireless network).

Depends on your AuthType. Are you using Basic or Digest? Basic only
base-64 encodes the id/password pair, while Digest is more secure.
See http://linuxplanet.com/linuxplanet/tutorials/1527/4/

Received on Sat Oct 7 23:36:21 2006
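
The difference between the two AuthType values discussed in the reply above, shown as an added example that is not part of the original mail: it builds the Authorization value a client sends for Basic, shows that decoding it returns the password, and computes the Digest response hash defined in RFC 2617. The user, password, realm and nonce values are the sample values from the RFC 2617 and Basic auth specification examples, not values from this thread.

```python
import base64
import hashlib


def basic_header(user, password):
    """Authorization header value sent for AuthType Basic."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"


def recover_basic(header):
    """Decode a Basic header. Base64 is an encoding, not encryption, so
    anyone who can read the plain-HTTP request gets the password back."""
    scheme, _, token = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic Authorization header")
    user, _, password = base64.b64decode(token).decode().partition(":")
    return user, password


def _md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(user, password, realm, method, uri, nonce, nc, cnonce):
    """RFC 2617 Digest 'response' field (MD5, qop=auth). Only this hash
    crosses the wire; the password itself is never sent."""
    ha1 = _md5_hex(f"{user}:{realm}:{password}")
    ha2 = _md5_hex(f"{method}:{uri}")
    return _md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


if __name__ == "__main__":
    # Sample values from the specification examples (not from the thread).
    hdr = basic_header("Aladdin", "open sesame")
    print("Basic on the wire :", hdr)
    print("Decoded by a reader:", recover_basic(hdr))

    resp = digest_response(
        "Mufasa", "Circle Of Life", "testrealm@host.com",
        "GET", "/dir/index.html",
        nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
        nc="00000001", cnonce="0a4f113b",
    )
    print("Digest on the wire :", resp)
```

Neither scheme encrypts the rest of the request, so file contents sent over http:// stay readable in transit; only https:// covers that.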

This is an archived mail posted to the Subversion Users mailing list.
