Patrick Steinhardt <ps@xxxxxx> writes: > I'm fine with this version of the patch series. There are a couple of > features that we probably want to have eventually: > > - Persisting announced promisors. As far as I understand, we don't yet > write them into the client-side configuration of the repository at > all. > > - Promisor remote agility. When the set of announced promisors > changes, we should optionally update the set of promisors connected > to that remote on the client-side. > > - Authentication. In case the promisor remote requires authentication > we'll somehow need to communicate the credentials to the client. > > All of these feel like topics that can be implemented incrementally once > the foundation has landed, so I don't think they have to be implemented > as part of the patch series here. I also don't see anything obvious that > would block any of these features with the current design. All of them smell like with grave security implications to me. I am happy to see none of them are included in this round, as getting the details of them right would take a lot of time and effort; it is great to have the fundamentals first without having to worry about them. > Thanks for working on this! Likewise.
