[ZF] [Zope-dev] Zope Source Code Repository
ct at gocept.com
Thu Apr 2 18:10:52 EDT 2009
On Thu, 2009-04-02 at 20:43 +0200, Martijn Pieters wrote:
> On Thu, Apr 2, 2009 at 20:39, Jim Fulton <jim at zope.com> wrote:
> > On Apr 2, 2009, at 2:31 PM, Chris Withers wrote:
> >> For me, the ideal would be simply https for everything and using http
> >> basic auth for access with more people having access to update the
> >> passwd file and maybe Trac or WebSVN for a nice web interface.
> > I absolutely *hate* using https to access subversion. This involves
> > storing a key in plane text in my home directory, which is terrible.
> > I far prefer using ssh-based infrastructure for this sort of thing.
> This is no longer the case for subversion 1.6 and up, the password is
> now stored encrypted, and subversion now supports KWallet, GNOME
> Keyring, Mac OS Keychain, and Windows CryptoAPI for storage.
> See: http://subversion.tigris.org/svn_1.6_releasenotes.html#auth-related-improvements
However, this only *allows* clients to manage their password reasonably,
it doesn't force them to. SSH usually complains about bad permission
settings on files etc and I guess is usually handled better. (Note: you
can't force a passphrase onto the client either.)
From my understanding, the interesting part is what the DVCSs do: let
people sign their commits with e.g. their PGP key (strong auth) and
allow them to share that data somewhere (different mechanism maybe not
so strong auth).
Christian Theune · ct at gocept.com
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 7 · fax +49 345 1229889 1
Zope and Plone consulting and development
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://mail.zope.org/pipermail/foundation/attachments/20090403/e01bb868/attachment.bin
More information about the Foundation