subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Branko ─îibej <br...@apache.org>
Subject Re: Secure svnserve?
Date Fri, 25 Nov 2016 10:35:33 GMT
On 25.11.2016 11:29, Olaf van der Spek wrote:
> On Fri, Nov 25, 2016 at 11:20 AM, Branko ─îibej <brane@apache.org> wrote:
>> On 25.11.2016 11:11, Olaf van der Spek wrote:
>>> Wouldn't it be good if svnserve supported encryption directly?
>> It would be a moderately nice-to-have feature, but given that stunnel
>> exists, it's not necessary. In fact, it's better not to reinvent
>> security features that are available in existing, mature software.
> Using TLS isn't exactly reinventing security features is it?

"Using TLS" isn't a security feature. Secure private key management,
server certificate verification including OCSP/CRL, perfect forward
secrecy etc. etc. are ... and they don't come for free just by linking
OpenSSL into an application. There's plenty of room for bugs in the
implementation.

-- Brane

Mime
View raw message