On Tue, 2006-07-03 at 09:35 +0000, Chris Withers wrote: > *sigh* red tape wins again. It's much easier to just do nothing, and > just not be able to contribute from behind a firewall...
Yeah, this is always unfortunate. > > The issues aren't so much technical feasibility as social / legal: a > > checkin done using somebody's private key is way less deniable than one > > done with a password. Unless you plan to set up a system for issuing > > client certificates to contributors, I don't think https is superior to > > svn+ssh at all. > > Hmmm, I'm tempted to call BS on this. How much of this has actually been > tested in a court? Really, all this crap gets caught up on pseudo legal > BS which ultimately just makes it more difficult for people to > contribute :-( I really don't get the whole paranoia about passwords > anyway... yes, client certs and public key are "more secure", but > really, why are we setting the bar so high? It's not like we're dealing > with top secret national security stuff... +1 on Chris' comments > For trying to get people to help out, this sucks ass. Come on, we're an > open source project, we _want_ people to help out, not keep on pushing > them away with higher and higher bars :-( +1 once more For my own contribution I could really care less what protocols we use, since I"m in a situation where I can use whatever. But out of the 20 or so public SVN repos i have write access to, zope.org is the only one that requires this whole ssh thing (most do writing over https, a few do writing over regular http). Its certainly not the norm. I realize changing it at this point would probably be a major pain for all existing contributors, but lowering the bar for new contributors is definitely worth it IMHO. Anyhow, just my 2 cents. - Rocky -- Rocky Burt AdaptiveWave - Content Management as a Service http://www.adaptivewave.com Content Management Made Simple _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )