subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache subversion Wiki <comm...@subversion.apache.org>
Subject [Subversion Wiki] Update of "MasterPassphrase" by CMichaelPilato
Date Thu, 22 Mar 2012 18:33:53 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change notification.

The "MasterPassphrase" page has been changed by CMichaelPilato:
http://wiki.apache.org/subversion/MasterPassphrase?action=diff&rev1=10&rev2=11

Comment:
Clarify how pre-existing disk-cached creds will be treated, and relocate a question to the
new Compatibility section.

  
  == Concerns ==
   * Implementation of built-in encryption mechanisms tied to a "master passphrase" secret
key might possibly complicate Subversion's distribution per the export control restrictions
placed on such technologies. We need to understand and carefully consider the scope of that
complication.
-  * These changes have the potential to vastly simplify our authn codebase, specifically
as regards integrations with the platform-specific providers.  Do we need/want to continue
to maintain the existing approach, though, for folks that opt out of the master passphrase
(or for whom it is unavailable for some reason)?
   * Is the Subversion codebase -- and the authn subsystem specifically -- capable of handling
this sort of approach?  (Research continues.)
  
+ == Compatibility ==
+ Users with existing on-disk cached credentials will be able to continue using those cached
credentials.  If the use-master-passphrase configuration bit is enabled, those credentials
will be automatically encrypted; otherwise, they will remain in plaintext.
+ 
+ {{{#!wiki warning
+ These changes have the potential to vastly simplify our authn codebase,
+ specifically as regards integrations with the platform-specific
+ providers.  Do we need/want to continue to maintain the existing
+ approach, though, for folks that opt out of the master passphrase (or
+ for whom it is unavailable for some reason)?
+ }}}
  == Additional Resources ==
   * http://subversion.tigris.org/issues/show_bug.cgi?id=4145 - Issue tracker artifact for
this feature
  

Mime
View raw message