On 21 Jan 2022, Bernard Boudet wrote:
- There should be a single option in the repository config to
define
whether that repo permits client-side plaintext password
storage (or
perhaps define which are the permitted/denied caching methods).
Hmm. A design principle that I think is generally solid but is
especially important in free software: since the server by
definition cannot reliably dictate policy about matters that can't
affect the server -- matters that the server cannot in fact even
discern -- the server should to try to in the first place.
It's like a chat app that obeys a server-sent signal to destroy a
local copy of a message. That app is ultimately not serving the
needs of the user whose hands are holding the device.
There is a better way to achieve what you want: by distributing
recommended run-time configurations to users (perhaps even by
keeping those configurations under version control and
distributing them that way!). This is a purely client-side issue,
and client-side run-time config controls the client. If
organizations want to influence client behavior, that run-time
config is where to do it. If the organization wants to monitor
the users' computers to see if that config is ever changed, well,
I wouldn't want to work there, but they can do that -- it's common
enough for organizations to monitor work-owned machines.
Let me be very clear: if Subversion had this "feature", I would
definitely be compiling my client to disobey the signal and lie to
the server :-).
Best regards,
-Karl
