On Sat, Oct 16, 2010 at 10:43:01AM +0200, Erik Huelsmann wrote:
> Hi Nico,
> 
> > I'd love to see this deployed, and love to see the protocol updated
> > enough to block the use of the older, less secure clients. But 1.7 has
> > already blown well past its release date of "this summer". If it's not
> > in feature freeze, I'll be pleasantly surprised to see such a feature.
> >
> > And let's be clear: I started ranting about this back in..... 2006?
> > 2005? The changes have been positive, but hardly complete.
> 
> I'm afraid "ranting about it" does not really help: it puts
> Subversion in a bad light, but doesn't really solve anything. So,
> instead of just stating what's wrong all the time, it would be nice if
> you started actually contributing toward the goals you think need to
> be achieved.

It should be noted that, in our community, contributing towards such
goals will also require compromise, which people concerned about security
are rarely willing to make ("good enough" isn't good enough; it needs to
be as good and secure as it can possibly be).

I share Nico's concerns, and when I did (successfully) try to get the
behaviour changed, the community was OK with adding a prompt, but not
with dropping the feature entirely. Which I would have happily done if
people had let me do it. But fair enough, the community's decision is
binding, and overrules my own, personal, opinion.

So I don't think Nico will ever get what he wants, no matter how much
he'll be ranting about it or be trying to actually contribute towards
getting this feature removed.

And I suppose he won't be happy with GPG support either.
What he really wants is an alternate-universe Subversion which never
had the plaintext password storage feature in the first place.

> By the way: there are users (lots) who are actually not at all that
> uncomfortable with the current situation: I'm my own sysadmin with no
> network disks around. There's nothing to be hidden on this system.
> There are many others with situations alike, so plainly removing the
> current support is *no* option for me, unless you offer me a
> password-less alternative which also doesn't introduce additional
> setup requirements.

Precisely. There's no one-size-fits-all solution.
Well, there is one on Windows and Mac because they have standard password
stores. But in the Linux/UNIX world there isn't.

Stefan