TLS and SSL support (for https and ftps)
At the moment, Bazaar can't communicate via ftps. The latter is especially important for Windows users. In a Windows environment currently it is very problematic to setup a (free) secure Bazaar server (bzr+ssh or sftp). However, there are very good and free ftp server programs which support TLS and SSL. Of course, also users of *NIX operating systems would benefit from a support of Bazaar for TLS and SSL.
There is a LGPL licensed (and therefore license compatible) library for *NIX and Windows which supports TLSv1.0, TLSv1.1, TLSv1.2 and SSLv3.0 (but not the insecure SSLv2.0): "GnuTLS". This library could be used for Bazaar to implement support for https and ftps. Link: http://
There is also a Python wrapper for it: "python-gnutls". Link: http://
Last but not least, GnuTLS has a very good documentation. Link: http://
More details about how exactly to add TLS and SSL support to Bazaar should be written here later ...
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Discussion
- Series goal:
- None
- Implementation:
-
Not started
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
> Python >= 2.7 seems to have TLS support build in:
> http://
>
> Maybe it's a good idea to use this ?
I am not sure about this because this would make Bazaar dependend on Python 2.7 or higher. Currently, Bazaar works with Python 2.4 or higher.
At the moment, there aren't even Python 2.7 based Bazaar builds for Windows. Many Bazaar developers probably don't have a focus on Python 2.7. Thus, limiting Bazaar on Python 2.7+ probably is a bad idea.
-- I've edited this to remove https references, bzr supports https just fine. -- lifeless
