From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <overseers-return-9648-listarch-overseers=sources.redhat.com@sourceware.org>
Received: (qmail 4708 invoked by alias); 29 Sep 2007 14:02:15 -0000
Received: (qmail 4699 invoked by uid 22791); 29 Sep 2007 14:02:15 -0000
X-Spam-Check-By: sourceware.org
Received: from wa-out-1112.google.com (HELO wa-out-1112.google.com) (209.85.146.179)
    by sourceware.org (qpsmtpd/0.31) with ESMTP; Sat, 29 Sep 2007 14:02:11 +0000
Received: by wa-out-1112.google.com with SMTP id m16so3873019waf
        for <overseers@gcc.gnu.org>; Sat, 29 Sep 2007 07:02:08 -0700 (PDT)
Received: by 10.115.59.4 with SMTP id m4mr1118255wak.1191074526091;
        Sat, 29 Sep 2007 07:02:06 -0700 (PDT)
Received: by 10.114.149.7 with HTTP; Sat, 29 Sep 2007 07:02:05 -0700 (PDT)
Message-ID: <4aca3dc20709290702r286998e8v9d1f1960158c44af@mail.gmail.com>
Date: Sat, 29 Sep 2007 14:02:00 -0000
From: "Daniel Berlin" <dberlin@dberlin.org>
To: NightStrike <nightstrike@gmail.com>
Subject: Re: [NightStrike <nightstrike@gmail.com>] SVN access over https (SSL)
Cc: "Ian Lance Taylor" <iant@google.com>, overseers@gcc.gnu.org
In-Reply-To: <b609cb3b0709290503l41bd9adcifdde549e2a895b4f@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <m3ejgi5mvw.fsf@localhost.localdomain>
	 <4aca3dc20709281741j346345bs8fd4ad1fb9967e99@mail.gmail.com>
	 <m3tzpe45xg.fsf@localhost.localdomain>
	 <4aca3dc20709281900g4db8af17hae1bca68bf85e51d@mail.gmail.com>
	 <b609cb3b0709282222k6aae90aat1029942ccc30b7fb@mail.gmail.com>
	 <4aca3dc20709282226j66acf6c0w4ba70712d8edf306@mail.gmail.com>
	 <b609cb3b0709290503l41bd9adcifdde549e2a895b4f@mail.gmail.com>
Mailing-List: contact overseers-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <overseers.sourceware.org>
List-Archive: <http://sourceware.org/ml/overseers/>
List-Post: <mailto:overseers@sourceware.org>
List-Help: <mailto:overseers-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: overseers-owner@sourceware.org
X-SW-Source: 2007-q3/txt/msg00142.txt.bz2

On 9/29/07, NightStrike <nightstrike@gmail.com> wrote:
> On 9/29/07, Daniel Berlin <dberlin@dberlin.org> wrote:
> > On 9/29/07, NightStrike <nightstrike@gmail.com> wrote:
> > > On 9/28/07, Daniel Berlin <dberlin@dberlin.org> wrote:
> > > > Most people who proxy https proxy http as well.
> > >
> > > proxy https is much more compatible with picky proxies than http when
> > > dealing with svn.
> > >
> >
> > Being an svn developer who has had to debug proxy problems, i'd
> > actually say exactly the exact opposite.
> > Most HTTPS proxies fuck it up more often than HTTP proxies.
> >
> > In any case, if someone wants to buy a cert for gcc.gnu.org, i'll set
> > up https read-only access.
> > But honestly, I have real trouble seeing that it is truly that useful
> > when we have http access.
>
> How much does it cost?  Also, does gnu.org itself not have one?  You
> could also just make one yourself and make gnu.org be the CA :)
>

probably $100 a year.

If we made one ourselves, we'd have to deal with all the questions
about accepting the cert, since the CA would not be in anyone's
trusted roots.