Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-3629

Mechanism to require use of encrypted password store (or none at all)

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: trunk
    • Fix Version/s: 1.10-consider
    • Component/s: libsvn_client
    • Labels:
      None

      Description

      As Subversion continues to gain traction within enterprise corporations, demands
      around its security consciousness grow.  One such demand has already bubbled up
      to the top of many companies' wishlists:  server-dictated policy that requires
      Subversion clients to either use an encrypted password store when caching
      credentials, or to not cache the credentials at all.
      
      Subversion makes use of encrypted stores on Windows and Mac by default, and can
      be compiled against GNOME or KDE libs on the Unixes to allow password caching
      via those OSes' keychain mechanisms.  But currently there is no way to require
      (by server-dictated policy) that a user take advantage of these encrypted
      stores.  And therein lies the complaint.
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                cmpilato C. Michael Pilato
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: