On Fri, Nov 20, 2015 at 9:20 AM, Mark Phippard <[email protected]> wrote:
> I've always felt the same, but now that I've used SSH more (with Git) I > kind of question it. > > Are HTTP client certs much better than passwords? The cert itself still > has to be physically secured and if you protect the cert with a passphrase > then you have all of the same cache problems that passwords do. > > With SSH there is infrastructure like ssh-agent that just does not exist > for HTTP. > <http://markphip.blogspot.com/> > I should have added that the part that I would question here is the value and importance of the cache. Which is the root of this. I just do not see it. I guess you (Philip) do else you would not be looking into this. The majority of our users, as my educated guess only, are probably using Apache server with prefork MPM. -- Thanks Mark Phippard http://markphip.blogspot.com/
