Dear Wiki user, You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change notification.
The "MasterPassphrase" page has been changed by CMichaelPilato: http://wiki.apache.org/subversion/MasterPassphrase?action=diff&rev1=13&rev2=14 === High-level notions === At a minimum, we'll need: - * Access to a library for doing string encryption/decryption. + * Access to a library for doing string encryption/decryption. Blowfish? 3DES? Something else? * A mechanism for telling Subversion to use a master passphrase. Probably a runtime configuration variable (`use-master-passphrase`, e.g.). * A way to know how to find the master passphrase in existing keyring caches. Probably a static string ("Subversion Master Password") or somesuch. * A means for verifying that a user- or keystore-provided passphrase is the correct one, such as a self-check against a known string. We might want two strings here, actually: one stored in the authn cache files themselves (to verify that the passphrase was the one used for that set of credentials), and one stored in a provider- and realmstring-independent location (to confirm the current master passphrase). The former of those is probably only necessary if the decryption algorithm is able to return valid-looking-yet-wrong results. If, however, the decryption algorithm can detect the attempted use of the wrong secret, we only need the single this-confirms-the-current-master-password known-text string.
