On 19 October 2010 10:18, Johan Corveleyn <jcor...@gmail.com> wrote: > On Tue, Oct 19, 2010 at 9:46 AM, Stephen Connolly > <stephen.alan.conno...@gmail.com> wrote: >> Exposing the feature would not in an of itself force the client to use >> the keyring, but it would allow the server to have a start-commit hook >> that blocked a commit if the user had plaintext password storage >> enabled... > > Just keep in mind that alerting users with start-commit hook only > works for users that actually commit of course. You won't reach users > that merely checkout/update/log/blame/...
true, but that assumes you require authentication to have read access. we do not require authentication for read, only for write > > It might be a better solution to implement this check in a lower > level, in the ra-protocols (naïvely, e.g. with http(s): client sends > with every request a header announcing the way it stores its > password). Of course, you'd like to do this without adding too much > overhead (handshaking, ... for every tiny request that the client > makes to the server). Maybe there is already some functionality > present for protocol/feature negotiation, I don't know ... > > Just my 0.02€ > > Cheers, > -- > Johan > I agree that this would be better! -Stephen