Derek J. Balling wrote: > It's just ugly. Like I said in my ticket notes, I'll concede that for > some people, it's a necessity, but there's clearly also a set of > people for whom it is just unnecessary pain and suffering. >
It's been my experience that SSL (or the requirement for some form of this type of security even if they disliked SSL) is actually required by the vast majority of people using Puppet. Certainly if you have any security requirements you need some kind of encryption/authentication mechanism. Without one - anyone can compromise your configuration and a daemon generally running with root privileges. But I concede there might be shops out there who don't care about this issue. I doubt it will change in a hurry - removing SSL from Puppet or abstracting it into a module as part of a refactor of security would be a large undertaking. Regards James Turnbull -- Puppet Labs - http://www.puppetlabs.com C: 503-734-8571 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
