On Thu, Nov 04, 2004 at 11:11:06PM -0600, Bob Tanner wrote: > I'm thinking regardless of the revision control system we use, we will > eventually have to deal with tracking user authentication info for write > access. This is inevitable. It would be convenient if you could delegate the ability to add/remove module write access to the module owners. Secure anonymous read-only pserver access is possible using a jail or UML with a read-only copy of the repository. Personally, I think it's unnecessary and can be replaced with viewcvs + daily create-on-change tarballs and diffs. > I'd still like to champion arch for the pgp-signed per-commit security, as > well as the over all signature of the repository, in addition to a secure > access protocol (sftp, ssh, scp). I agree that secure access should be a must. I like the idea of PGP based commits but do not find it necessary for netrek development. If we are to use it, then it should be transparent. If PGP limits the accessibility of the repository to UNIX-type operating systems, then I'd disfavor it compared to CVS/SV over SSH which is universally available. _______________________________________________ vanilla-devel mailing list vanilla-devel at us.netrek.org https://mailman.real-time.com/mailman/listinfo/vanilla-devel