On Tue, 2004-03-16 at 21:20, Ben Laurie wrote: > William A. Rowe, Jr. wrote: > > > At 11:27 AM 3/16/2004, Ben Laurie wrote: > > > >>Justin Erenkrantz wrote: > >> > >> > >>>--On Monday, March 15, 2004 10:52 AM +0000 Ben Laurie <[EMAIL PROTECTED]> wrote: > >>> > >>> > >>>>It is? How? Unless the committer signs (which ISTR was rejected as an option > >>>>when I suggested it, so I'm assuming that doesn't happen), then they must be > >>>>signed by the server - a successful attacker can therefore sign his > >>>>modifications, too. Or am I missing something? (I don't use subversion yet, > >>>>so forgive me if the answer is obvious). > >>> > >>>We're talking about ensuring the integrity of the repository here, not whether > >>>malicious people can commit. > >> > >>I know. > > > > > > Uhm I beg to differ - I care about both issues :) > > I didn't say I didn't care! I said I knew what we were talking about. I > also care about malicious users.
Can we please move this discussion to [EMAIL PROTECTED] A lot of the points discussed aren't about technical problems of httpd moving over, but overall topics concerning our setup. Most of the concerns that have come up are things that people not directly involved with Infrastructure are likely never having to deal with. PKI, integrated with/on top of, Subversion, can be a joint effort between the Infrastructure and Security Team. If a good, practical solution can be put together we can start looking how to roll that out. Sander
