subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Sperling <s...@elego.de>
Subject Re: Secure svnserve?
Date Fri, 25 Nov 2016 10:46:30 GMT
On Fri, Nov 25, 2016 at 11:37:10AM +0100, Branko ─îibej wrote:
> On 25.11.2016 11:33, Stefan Sperling wrote:
> > On Fri, Nov 25, 2016 at 11:11:15AM +0100, Olaf van der Spek wrote:
> >> Wouldn't it be good if svnserve supported encryption directly?
> > svnserve does support encryption directly, but not with TLS.
> > Instead, it uses SASL for this purpose.
> 
> Um. SASL is used for authentication. The actual svnserve protocol stream
> remains unencrypted.
> 
> -- Brane

"SASL is also able to perform data encryption if a particular
mechanism supports it."
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sasl

I'm not saying SASL wasn't a pain to set up, or that DIGEST-MD5 was
very secure. But the mechanism exists and is advertised in the docs.

Mime
View raw message