[MPlayer-dev-eng] Re: svn account for C.E. Hoyos
Rich Felker
dalias at aerifal.cx
Mon Mar 19 01:29:10 CET 2007
On Mon, Mar 19, 2007 at 01:32:50AM +0200, Ivan Kalvachev wrote:
> 2007/3/19, Carl Eugen Hoyos <cehoyos at ag.or.at>:
> >Uoti Urpala <uoti.urpala <at> pp1.inet.fi> writes:
> >
> >> If you tried to log in there using your svn password that means you kept
> >> sending the password in cleartext, which isn't such a smart thing to
> >> do...
> >
> >I didn't know that svn is sending encrypted passwords.
>
> They are hashed (cram), not plaintext.
>
> There was a mail thead about svn passwords, can't find it now. I guess
> when svn+ssl is released we'd switch to it.
Why? The authentication process is secure. More secure than buggy ssl
implementations that might lead to privilege elevation.. :)
> I think that our ftp server should support some form of encryption,
> but it is not enforced.
There is no such thing as encryption for ftp.
Rich
More information about the MPlayer-dev-eng
mailing list