Re: Encrypted Repositories. . .?

From: Dan Shookowsky <dshookowsky_at_gmail.com>
Date: 2007-06-20 19:58:05 CEST

I think the point that many folks have been trying to make with regards to
this situation is that it makes no sense to put a padlock on a paper bag.
You could have SnakeOil(tm) Brand 4096-bit elliptic curve encryption of your
source, but if you can't restrict the users who have access to the machine,
there's no preventing someone from using those same libraries to decrypt it
using the same keys.

The other issue that someone mentioned is that you lose the functionality
provided by svn because your source simply becomes an opaque binary object
that can't be merged, blamed, etc. In that scenario, you might as well have
the repository on a (trusted) local developer machine and ftp up encrypted
dumps of the repository to a central server or something equally ridiculous
Received on Wed Jun 20 19:58:23 2007

This message: [ Message body ]
Next message: David Gardner: "Re: svnserve on a USB? Any luck?"
Previous message: Kevin Greiner: "Re: svnadmin load stops with "Can't remove ... Directory not empty""
Maybe in reply to: Michael Williams: "Encrypted Repositories. . .?"
Next in thread: Michael Williams: "Re: Encrypted Repositories. . .?"
Reply: Michael Williams: "Re: Encrypted Repositories. . .?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]