Login | Register
My pages Projects Community openCollabNet

Discussions > dev [DISABLED] > Re: RFC: New authn/authz policy for svn.collab.net

subversion
Discussion topic

Back to topic list

Re: RFC: New authn/authz policy for svn.collab.net

Author stsp
Full name Stefan Sperling
Date 2009-08-03 14:47:14 PDT
Message On Thu, Jul 30, 2009 at 02:21:34PM -0400, C. Michael Pilato wrote:
> Stefan Sperling wrote:
> > In my opinion, if we can keep the SSL option for anonymous users
> > without major effort, let's keep it. It's the only way for anonymous
> > users to get our at trunk code securely (releases are already PGP-signed).
>
> My goal was simplify the configuration while at least offering the kind of
> security afforded by other hosting providers. But there isn't even a
> consensus across the "big ones": GoogleCode is anonymous HTTP,
> authenticated HTTPS; SourceForge.net is HTTPS only; and Tigris.org is HTTP
> only (clearly undesirable).
>
> We can go SSL-only (with redirects for non-SSL access so old links don't
> break). It means I have to maintain my current workaround for the svn-org's
> repository (which wants to be anonymously readable minus some private bits,
> authenticatedly read/write all over)[1], but that's not the end of the world.

I guess SSL-only is fine then.

By the way, an SSL cert signed by some CA would be great.
Right now the cert is self-signed. Maybe a fresh cert could
be slipped in as a bonus while we're at it?
Otherwise, going SSL-only would mean that people would have to click
quite a lot of buttons to view our repo, at least in Firefox-3.

Stefan

« Previous message in topic | 8 of 12 | Next message in topic »

Messages

Show all messages in topic

RFC: New authn/authz policy for svn.collab.net cmpilato C. Michael Pilato 2009-07-30 09:11:05 PDT
     Re: RFC: New authn/authz policy for svn.collab.net arfrever Arfrever Frehtes Taifersar Arahesis 2009-07-30 09:29:32 PDT
         Re: RFC: New authn/authz policy for svn.collab.net cmpilato C. Michael Pilato 2009-07-30 09:37:15 PDT
             Re: RFC: New authn/authz policy for svn.collab.net ajkloss Alec Kloss 2009-07-30 10:15:03 PDT
                 Re: RFC: New authn/authz policy for svn.collab.net jwhitlock Jeremy Whitlock 2009-07-30 10:41:40 PDT
                     Re: RFC: New authn/authz policy for svn.collab.net stsp Stefan Sperling 2009-07-30 11:03:28 PDT
                         Re: RFC: New authn/authz policy for svn.collab.net cmpilato C. Michael Pilato 2009-07-30 11:21:36 PDT
                             Re: RFC: New authn/authz policy for svn.collab.net stsp Stefan Sperling 2009-08-03 14:47:14 PDT
                 Re: RFC: New authn/authz policy for svn.collab.net julianfoad Julian Foad 2009-07-30 10:44:02 PDT
     WARNING: Upcoming authn/authz policy change for svn.collab.net cmpilato C. Michael Pilato 2009-07-30 10:59:41 PDT
         Re: WARNING: Upcoming authn/authz policy change for svn.collab.net cmpilato C. Michael Pilato 2009-08-11 14:37:30 PDT
             Re: WARNING: Upcoming authn/authz policy change for svn.collab.net cmpilato C. Michael Pilato 2009-08-11 20:13:59 PDT
Messages per page: