devblog

author: Joey Hess <joey@kitenet.net> 2014-04-25 16:34:33 -0400
committer: Joey Hess <joey@kitenet.net> 2014-04-25 16:34:33 -0400
commit: 6f7fcedbf15457761ecaf16b915a85a4ccb16b02 (patch)
tree: f996f99cc81f289abdf7084c45aab356406e5f35 /doc/design/assistant/sshpassword.mdwn
parent: 059fd34965ed23d0efe5cc2713e23c3be77501ae (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/design/assistant/sshpassword.mdwn b/doc/design/assistant/sshpassword.mdwn
index 6e6526063..00c33ccf8 100644
--- a/doc/design/assistant/sshpassword.mdwn
+++ b/doc/design/assistant/sshpassword.mdwn
@@ -25,12 +25,12 @@ code to run ssh-askpass.
 
 * Maybe force upgrade webapp to https? Locally, the risk would be that
   root could tcpdump and read password, so not large risk. If webapp
-  is used remotely, require https.
+  is being accessed remotely, absolutely: require https.
 * Use hs-securemem to store password.
 * Avoid storing password for long. Erase it after webapp setup of remote
   is complete. Time out after 10 minutes and erase it.
-* Prompt using a field name that does not trigger web browser password
-  saving.
+* Prompt using a html field name that does not trigger web browser password
+  saving if possible.
 
 ### ssh-askpass shim, and password forwarding
author	Joey Hess <joey@kitenet.net>	2014-04-25 16:34:33 -0400
committer	Joey Hess <joey@kitenet.net>	2014-04-25 16:34:33 -0400
commit	6f7fcedbf15457761ecaf16b915a85a4ccb16b02 (patch)
tree	f996f99cc81f289abdf7084c45aab356406e5f35 /doc/design/assistant/sshpassword.mdwn
parent	059fd34965ed23d0efe5cc2713e23c3be77501ae (diff)