[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Encrypted Repositories. . .?

From: Michael Williams <gberz3_at_gmail.com>
Date: 2007-06-21 15:56:53 CEST

> G'day,
>
> I am involved with design for implementation of SVN in a highly
> secure environment, including (approaching) FIPS compliance. From
> server housing to network to operating system, to the client side
> stuff. everything is encrypted and implementation and provided
> security is lot more then one may achieve by putting crypto stuff
> within SVN process. its a fairly holistic approach covering end-2-
> end, including DR & Business Continuity Planning. Involves poly-
> factor authentication, PKI, encrypted file systems, Single Sign On,
> etc.
>
> That said, this sort of implementation comes with both initial
> implementation cost and on going operational support. Your pursuit
> is reasonable, hope you got good budget and strong business sponsor.
>
> cheers
> Shirish

Yes, I'm glad you said that. I suppose the perfect question could
have been: How could I achieve FIPS validation with SVN and does
such a product exist? Not that I'm interested in FIPS approval,
simply the capabilities involved in getting there. I've worked for
companies that have gotten their products FIPS validated, and while
the FIPS process was expensive, the actual work involved (man-hours,
etc) was not. So perhaps a "stop-short" of FIPS validation is in order.

Anyway, I'm getting a good deal of resistance from the list and while
I'd love to believe that 99 out of 100 people are wrong (and I often
do ;) ) I'm going to step back and punt. I'll do my best to
reconsider potential flaws in my processes and hopefully post
something worthwhile soon.

Regards

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jun 21 15:57:44 2007

This is an archived mail posted to the Subversion Users mailing list.