Versions Compared

Old Version 35

changes.mady.by.user C. Michael Pilato

Saved on

compared with

New Version Current

changes.mady.by.user C. Michael Pilato

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: My concern about U.S. export controls has been alleviated.

...

  • Centralization: Rather than spread repository credentials cross a variety of stores (on-disk, keystores, etc.), we return to a single, easy-to-manage storage solution: the on-disk store in ~/.subversion/auth/
  • Portability: ~/.subversion/auth/ is portable across computers, allowing users to transfer what could be hundreds of different sets of stored repository credentials to other machines with ease. So long as they employed the same master passphrase on those other machines, or did a one-time passphrase change, they would be able to make use of previously cached credentials.

Concerns

  • Implementation of built-in encryption mechanisms tied to a "master passphrase" secret key might possibly complicate Subversion's distribution per the export control restrictions placed on such technologies. We need to understand and carefully consider the scope of that complication.
  • Is the Subversion codebase – and the authn subsystem specifically – capable of handling this sort of approach? (Research continues.)

...