[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Encrypted Repositories. . .?

From: Benjamin Podszun <ben_at_galactic-tales.de>
Date: 2007-06-20 15:30:40 CEST

Michael Williams wrote:
> Why couldn't one have a doubly encrypted session? Basically a PKI
> encrypted repository accessed via a session key? Like so:

I fear I still don't get your idea.
PKI or random shared keys help to communicate with each other securely.
But storing your code with a different random key each time you commit
something would be rather odd. Very secure, because you won't be able to
decypher it again, but - not really useful.
However you turn your current idea around: The server needs to access
the repository in plaintext somehow. Whoever has hardware access to your
machine can intervene and do nasty stuff, with only some differences in
the difficulty.

No offense, but I really think you should forget that idea.

Hmm.. You consider a dedicated server too expensive, but want
world-class protection for your source? If it is that valuable, you
should be able to pay for the hardware as well. Regarding the security
issues: I don't think that you can get better than the
encrypt-your-storage approach without wasting tremendous amount of
energy and money for a dubious benefit.

Regards,
Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jun 20 15:31:05 2007

This is an archived mail posted to the Subversion Users mailing list.