SSL (Secure Sockets Layer) could be used to protect communications between client and server. There are two methods for doing that.
First method is wrapping the `:pserver:' protocol with some SSL tunnelling software, such as `stunnel' (see section `stunnel' -- SSL tunneling). See section Wrapping `:pserver:' with SSL. In this mode the username and password are still used, but unlike the ordinary `:pserver:', the communications are fully encrypted, and passwords do not travel over the network in clear text.
Second method (not yet implemented) is setting up proper SSL support. That is, every developer would get her SSL certificate, and the CVS client would present that certificate to a server. Server checks the certificate, and extracts the username from there. So, there are no passwords used in this scheme, and no `:pserver:' protocol. Of course, all communications are fully encrypted. Unfortunately, this method is not yet implemented.
Go to the first, previous, next, last section, table of contents.