Am Donnerstag 14 Januar 2010 15:28:49 schrieb Jim Rees: > Andreas Jellinghaus wrote: > > if we need to fix the server for this: we could drop all certificates > and issue username/password for each developer instead. > > Ugh. That would be embarassing for what is at least partly an > authentication project. How about ssh key pairs?
yes, we could switch to ssh instead of http for write access. if we do that, we could as well switch from svn to git (or other system. but martin is a git fan and so am I) if we want. git has "gitossis" which is a secure shell for fine grained access control to git repositories (and allowes nothing else). maybe svn has a similar way so I can restrict access control to svn repositories. also (a bit unrelated, but we had this openid/trac discussion), if we overhaul our server setup, we could throw away trac too. the only features used so far are the wiki, the ticket system and the source code viewer. there are nice source code viewers out that to fill that part. the ticket system is mostly unused, I don't remember people looking at the open tickets and fixing them often. and the trac ticket system is bad, as we don't get an email of a bug reporter, and thus often have a new bug without any way to contact the reporter for details. and the wiki - well, putting the documentation in the source would simplify the makefiles and maybe make editing documentation easier. at least we would no longer have the spam issue. and except for opensc nearly noone uses the wiki anyway (for many smaller projects there have been no changes in years, for openct almost every change was done by me). so there are a several options what we could do. but if we have a big problem with the https setup with client certificates right now, we should switch to https with user/pw setup - that is easily done, already implemented for one developer. bigger changes can be done later (i.e. if we agree on what we want and someone finds time to implement the changes). no, it's not nice to delay things because the direction is unknown, or how many people would like some change, or maybe noone has time for it. but reality is often like that :( Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
