[Csync2] Feature/change suggestions
Marcus Bointon
marcus at synchromedia.co.uk
Mon Feb 18 11:59:47 CET 2008
On 16 Feb 2008, at 15:05, Wolfram Schlich wrote:
> 4. Support peer certificate verification by checking the certificate
> trust chain (against given CAs and CRLs) and comparing the
> certificate CommonName with the peer hostname/FQDN, thus
> making it possible to use a *real* PKI infrastructure instead
> of just caching certificates and comparing checksums on subsequent
> runs.
I think this might amount to the same thing, but I'd be much happier
with transport over existing SSH infrastructure rather than all this
messing with additional certificates and ports.
Speaking as someone who has never managed to get csync2 working at
all, I'd vote for a "works by default" config as a feature, with a
minor follow-on request for more verbose error messages (my only
symptom was "nothing happens", which is hard to diagnose). What I'm
essentially after is rsync over ssh (which just works) but with
csync2's delete support, and I suspect I'm not alone in that.
Marcus
--
Marcus Bointon
Synchromedia Limited: Creators of http://www.smartmessages.net/
UK resellers of info at hand CRM solutions
marcus at synchromedia.co.uk | http://www.synchromedia.co.uk/
More information about the Csync2
mailing list