[ET Trac] [Einstein Toolkit] #1801: Certificate for svn.cct.lsu.edu not trusted
Einstein Toolkit
trac-noreply at einsteintoolkit.org
Mon Aug 17 11:03:07 CDT 2015
#1801: Certificate for svn.cct.lsu.edu not trusted
---------------------+------------------------------------------------------
Reporter: rhaas | Owner:
Type: defect | Status: new
Priority: unset | Milestone:
Component: Other | Version: development version
Resolution: | Keywords:
---------------------+------------------------------------------------------
Comment (by knarf):
Plain http wouldn't work for write access. We could use it for read-only,
but then have the problem with people trying to use it to commit again.
svn+ssh wouldn't work in this case (no ssh access), but also kind of
circumvents the problem, as there is no trusted host-key. This would be
similar to telling svn to trust all certificates (bad idea, but also a
possibility - could be done for problematic certs only too). git isn't
solving this at all. git also uses either ssh or https as transport
protocol - both with the same issues as already discussed. This isn't a
svn problem.
The root problem is clients not updating trusted certs, and this isn't
something we could fix as ET developers. I trust that all OSX users are
loudly complaining to Apple? In this case (afaik), _no_ certificate would
work. Isn't there a version of subversion/openssl available for OSX that
isn't broken (not shipping with trusted root certs counts for me as
"broken")? We could then require (and test for) this.
--
Ticket URL: <https://trac.einsteintoolkit.org/ticket/1801#comment:12>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit
More information about the Trac
mailing list