I will PR something this week to protect passphrase, master secrets and put pants on to our HTTP requests.

Initially all the changes will be inside AGPUSH for the sake of simplicity.

--
abstractj

On February 17, 2014 at 1:28:55 PM, Matthias Wessendorf (matzew@apache.org) wrote:
> > correct someone could to that. In the past we already at least
> chatted about having some sort of key/certificate for that +
> access-keys (e.g. per application).