On Tue, 2006-07-03 at 09:35 +, Chris Withers wrote:
*sigh* red tape wins again. It's much easier to just do nothing, and
just not be able to contribute from behind a firewall...
Yeah, this is always unfortunate.
The issues aren't so much technical feasibility as social / legal: a
checkin done using somebody's private key is way less deniable than one
done with a password. Unless you plan to set up a system for issuing
client certificates to contributors, I don't think https is superior to
svn+ssh at all.
Hmmm, I'm tempted to call BS on this. How much of this has actually been
tested in a court? Really, all this crap gets caught up on pseudo legal
BS which ultimately just makes it more difficult for people to
contribute :-( I really don't get the whole paranoia about passwords
anyway... yes, client certs and public key are more secure, but
really, why are we setting the bar so high? It's not like we're dealing
with top secret national security stuff...
+1 on Chris' comments
For trying to get people to help out, this sucks ass. Come on, we're an
open source project, we _want_ people to help out, not keep on pushing
them away with higher and higher bars :-(
+1 once more
For my own contribution I could really care less what protocols we use,
since Im in a situation where I can use whatever.
But out of the 20 or so public SVN repos i have write access to,
zope.org is the only one that requires this whole ssh thing (most do
writing over https, a few do writing over regular http). Its certainly
not the norm. I realize changing it at this point would probably be a
major pain for all existing contributors, but lowering the bar for new
contributors is definitely worth it IMHO.
Anyhow, just my 2 cents.
- Rocky
--
Rocky Burt
AdaptiveWave - Content Management as a Service
http://www.adaptivewave.com
Content Management Made Simple
___
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )