[Zope-dev] [ZF] Zope Source Code Repository

Chris Withers chris at simplistix.co.uk
Fri Apr 3 11:53:58 EDT 2009


Christian Theune wrote:
>> See: http://subversion.tigris.org/svn_1.6_releasenotes.html#auth-related-improvements
> 
> However, this only *allows* clients to manage their password reasonably,
> it doesn't force them to. 

Well, you can't force someone to keep their private key private either...

At the end of the day, if an svn account is compromised, we'll see a 
load of bogus commits. My understanding of svn is that those are 
moderately easy to remove.

> From my understanding, the interesting part is what the DVCSs do: let
> people sign their commits with e.g. their PGP key (strong auth) and
> allow them to share that data somewhere (different mechanism maybe not
> so strong auth).

Well, the only "auth" bit seems to be where the "offical" changesets are..

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk


More information about the Zope-Dev mailing list