You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by cm...@apache.org on 2012/09/07 20:54:07 UTC
svn commit: r1382124 - /subversion/site/publish/docs/release-notes/1.8.html
Author: cmpilato
Date: Fri Sep 7 18:54:07 2012
New Revision: 1382124
URL: http://svn.apache.org/viewvc?rev=1382124&view=rev
Log:
* site/publish/docs/release-notes/1.8.html
(#client-cert-prompt-suppression): New release note about the change
of behavior around prompting for client certificate locations.
Suggested by: rhuijben
Modified:
subversion/site/publish/docs/release-notes/1.8.html
Modified: subversion/site/publish/docs/release-notes/1.8.html
URL: http://svn.apache.org/viewvc/subversion/site/publish/docs/release-notes/1.8.html?rev=1382124&r1=1382123&r2=1382124&view=diff
==============================================================================
--- subversion/site/publish/docs/release-notes/1.8.html (original)
+++ subversion/site/publish/docs/release-notes/1.8.html Fri Sep 7 18:54:07 2012
@@ -265,6 +265,37 @@ about these problems.</p>
</div> <!-- verify-issue4129 -->
+<div class="h4" id="client-cert-prompt-suppression">
+<h4>Client prompting for SSL client certificates
+ <a class="sectionlink" href="#client-cert-prompt-suppression"
+ title="Link to this section">¶</a>
+</h4>
+
+<p>Subversion has long supported the use of SSL client certificates
+for authentication against a server which accepts such. Users
+typically employ the <code>ssl-client-cert-file</code> option in their
+'servers' runtime configuration file to inform the client regarding
+the location of the relevant certificate file. In interactive
+scenarios, Subversion can also prompt the user for the location of the
+certificate file when that runtime-configured value isn't set or
+otherwise suitable.</p>
+
+<p>Prior to 1.8.0, this prompting was enabled by default.
+Unfortunately, not every server which accepts client certificates
+also <em>requires</em> them. Some users were being prompted for
+client certificate file locations in scenarios where no certificate
+was required (or perhaps even available). So in Subversion 1.8.0, the
+Subversion client defaults to <em>not</em> prompting for the location
+of an SSL client certificate file unless the user has set the new
+<code>ssl-client-cert-file-prompt</code> runtime configuration
+option (found in the <code>[auth]</code> section of the 'config' file)
+to "yes".</p>
+
+<p>See <a href="http://subversion.tigris.org/issues/show_bug.cgi?id=2410">issue
+#2410</a> for discussion and details.</p>
+
+</div> <!-- client-cert-prompt-suppression -->
+
</div> <!-- compat-misc -->
</div> <!-- compatibility -->