subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Zhakov <i...@visualsvn.com>
Subject Re: svn+ssh long-lived daemon
Date Fri, 20 Nov 2015 15:25:29 GMT
On 20 November 2015 at 17:20, Mark Phippard <markphip@gmail.com> wrote:
> I've always felt the same, but now that I've used SSH more (with Git) I kind
> of question it.
>
> Are HTTP client certs much better than passwords?  The cert itself still has
> to be physically secured and if you protect the cert with a passphrase then
> you have all of the same cache problems that passwords do.
>
HTTP client certs a slightly better than passwords because evildoer
cannot intercept password over the wire. But on the other hand
connection is already encrypted so even plain-text password is not big
problem.

-- 
Ivan Zhakov

Mime
View raw message