[Yum-devel] post 3.2.0 things to think about

Dr. Peter Poeml poeml at suse.de
Fri May 4 01:01:56 UTC 2007


Hi,

On Thu, May 03, 2007 at 05:11:46PM -0400, seth vidal wrote:
> On Thu, 2007-05-03 at 09:18 +0200, Tim Lauridsen wrote:
> > > 5. yum-gate - take the code that rnorwood posted and maybe work on
> > > making it more releasable for folks to use as an authenticated yum repo.
> > > Alternatively, look at one of the other system-config-mgmt tools to work
> > > for that. 
> > >   
> > I have just got some patches from another IBM'er, that make changes to 
> > UG and yum to support a client side SSL cert. I will post it on the list.
> 
> I liked those patches. If we could document how to use that feature +
> apache cleanly it might work out well. Curiously, is it possible to auth
> via ssl client cert without connecting to an ssl site? That would make
> the payloads lighter but strongly authenticated.

No, that is not possible.

But in cases where authentication must be strong, whereas the
transferred data (packages & metadata) is not sensitive wrt
eavesdropping, digest authentication makes most sense. 
http://en.wikipedia.org/wiki/Digest_authentication
urllib2 should support that.

Peter
-- 
Allen Gewalten zum Trutz sich erhalten.
 
SUSE LINUX Products GmbH
Research & Development
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.baseurl.org/pipermail/yum-devel/attachments/20070504/c9daba7f/attachment.pgp 


More information about the Yum-devel mailing list