You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by cm...@apache.org on 2012/09/07 20:54:07 UTC

svn commit: r1382124 - /subversion/site/publish/docs/release-notes/1.8.html

Author: cmpilato
Date: Fri Sep  7 18:54:07 2012
New Revision: 1382124

URL: http://svn.apache.org/viewvc?rev=1382124&view=rev
Log:
* site/publish/docs/release-notes/1.8.html
  (#client-cert-prompt-suppression): New release note about the change
    of behavior around prompting for client certificate locations.

Suggested by: rhuijben

Modified:
    subversion/site/publish/docs/release-notes/1.8.html

Modified: subversion/site/publish/docs/release-notes/1.8.html
URL: http://svn.apache.org/viewvc/subversion/site/publish/docs/release-notes/1.8.html?rev=1382124&r1=1382123&r2=1382124&view=diff
==============================================================================
--- subversion/site/publish/docs/release-notes/1.8.html (original)
+++ subversion/site/publish/docs/release-notes/1.8.html Fri Sep  7 18:54:07 2012
@@ -265,6 +265,37 @@ about these problems.</p>
 
 </div>  <!-- verify-issue4129 -->
 
+<div class="h4" id="client-cert-prompt-suppression">
+<h4>Client prompting for SSL client certificates
+  <a class="sectionlink" href="#client-cert-prompt-suppression"
+    title="Link to this section">&para;</a>
+</h4>
+
+<p>Subversion has long supported the use of SSL client certificates
+for authentication against a server which accepts such.  Users
+typically employ the <code>ssl-client-cert-file</code> option in their
+'servers' runtime configuration file to inform the client regarding
+the location of the relevant certificate file.  In interactive
+scenarios, Subversion can also prompt the user for the location of the
+certificate file when that runtime-configured value isn't set or
+otherwise suitable.</p>
+
+<p>Prior to 1.8.0, this prompting was enabled by default.
+Unfortunately, not every server which accepts client certificates
+also <em>requires</em> them.  Some users were being prompted for
+client certificate file locations in scenarios where no certificate
+was required (or perhaps even available).  So in Subversion 1.8.0, the
+Subversion client defaults to <em>not</em> prompting for the location
+of an SSL client certificate file unless the user has set the new
+<code>ssl-client-cert-file-prompt</code> runtime configuration
+option (found in the <code>[auth]</code> section of the 'config' file)
+to "yes".</p>
+
+<p>See <a href="http://subversion.tigris.org/issues/show_bug.cgi?id=2410">issue
+#2410</a> for discussion and details.</p>
+
+</div>  <!-- client-cert-prompt-suppression -->
+
 </div>  <!-- compat-misc -->
 
 </div>  <!-- compatibility -->