View Single Post
  #3   (View Single Post)  
Old 10th August 2008
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

I think you have a good point that the web server should never have access to the users private key. The only thing that worries me is module creators would have to learn to create the key pair, submit the public key, and defend the private key. I suppose though that SourceForge.net manages the task well enough with SSH setups.


Thanks
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote