From: Nanako Shiraishi <nanako3@lavabit.com>
To: Mark Lodato <lodatom@gmail.com>
Cc: Junio C Hamano <gitster@pobox.com>, git@vger.kernel.org
Subject: Re: [PATCH 1/2] http.c: prompt for SSL client certificate password
Date: Fri, 12 Jun 2009 08:42:09 +0900 [thread overview]
Message-ID: <20090612084209.6117@nanako3.lavabit.com> (raw)
In-Reply-To: <ca433830906111600n2d45b5bdg3fb6e7c0a537ec78@mail.gmail.com>
Quoting Mark Lodato <lodatom@gmail.com>:
> Any other thoughts, one way or the other? Adding proper SSL/PKI
> support would really help git adoption in the corporate world. I am
> willing to make any changes necessary to get this into git.git.
Somebody mentioned that your patch forces people to type password even when the certificate isn't encrypted. How was this issue addressed?
It would be ideal if you can inspect the certificate and decide if you need to ask for decrypting password before using it (and otherwise you don't ask). If you can't do that, probably you can introduce a config var that says "this certificate is encrypted", and bypass your new code if that config var isn't set.
That way, people who are used to the old behavior don't have to change anything in their set-up.
If people didn't have to type password at all, and after your patch if they are forced to do something else to keep the old set-up working, that isn't nice.
--
Nanako Shiraishi
http://ivory.ap.teacup.com/nanako3/
next prev parent reply other threads:[~2009-06-11 23:43 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-28 3:16 [PATCH 1/2] http.c: prompt for SSL client certificate password Mark Lodato
2009-05-28 3:16 ` [PATCH 2/2] http.c: add http.sslCertNoPass option Mark Lodato
2009-06-05 2:44 ` [PATCH 1/2] http.c: prompt for SSL client certificate password Mark Lodato
2009-06-05 8:20 ` Constantine Plotnikov
2009-06-07 14:10 ` Mark Lodato
2009-06-11 23:00 ` Mark Lodato
2009-06-11 23:42 ` Nanako Shiraishi [this message]
2009-06-11 23:59 ` Junio C Hamano
2009-06-12 7:56 ` Daniel Stenberg
2009-06-12 15:38 ` Constantine Plotnikov
2009-06-12 16:50 ` Jakub Narebski
2009-06-12 21:49 ` Rogan Dawes
2009-06-12 23:11 ` Mark Lodato
2009-06-12 23:26 ` Mark Lodato
2009-06-13 0:31 ` Junio C Hamano
2009-06-13 0:49 ` Mark Lodato
2009-06-13 11:22 ` Daniel Stenberg
2009-06-11 23:56 ` Junio C Hamano
2009-06-12 22:31 ` Mark Lodato
2009-06-12 6:34 ` Junio C Hamano
2009-06-12 7:59 ` Daniel Stenberg
2009-06-12 23:13 ` Mark Lodato
2009-06-13 0:14 ` Junio C Hamano
2009-06-13 0:33 ` Mark Lodato
2009-06-13 1:12 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090612084209.6117@nanako3.lavabit.com \
--to=nanako3@lavabit.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=lodatom@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).