[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] private key needed for sync?
From: |
Richard Levitte - VMS Whacker |
Subject: |
Re: [Monotone-devel] private key needed for sync? |
Date: |
Tue, 07 Jun 2005 21:20:37 +0200 (CEST) |
In message <address@hidden> on Tue, 07 Jun 2005 20:31:07 +0200, Zbynek Winkler
<address@hidden> said:
zwin> Brian Campbell wrote:
zwin>
zwin> > You need to have a key in the server so the client can make
zwin> > sure it's connecting to the right server. Otherwise, someone
zwin> > could set up a bogus server so when you sync to it, all of
zwin> > your private code is sent to the malicious server.
zwin>
zwin> That sounds reasonable. But I am confused by the tutorial and/or
zwin> monotone behavior :(. Why does it use something called "private
zwin> key" for server identification? I thought that "private key" is
zwin> for identification of the commiter?
It follows the same basis as, for example, SSH. A SSH server requires
a host key (which is a private/public key pair).
zwin> Also the error message says it is looking for "signing key" and
zwin> not for server identification key...
Actually, it's more about authentication than identification.
Authentication with private/public key pairs is usually done by
signing a chunk of random or semi-random data.
This is fairly basic cryptographic operation. You should read up on
the basics.
zwin> > By the way, it looks like you've named your collection
zwin> > marocode. It would probably be better to follow the reverse
zwin> > domain name naming convention, so it would be
zwin> > cz.matfyz.zw.marocode or cz.cuni.marocode or whatever domain
zwin> > it is you want to use. We discussed possibly moving to a URL
zwin> > like convention, like zw.matfuz.cz/marocode, but that hasn't
zwin> > happend yet because the slash conflicts with the slash used in
zwin> > the selector syntax.
I'd suggest zw.matfuz.cz+marocode. The + sign doesn't conflict with
anything that I know of.
zwin> I felt it would be usability deficiency to force users to always
zwin> specify the whole url when switching to another branch, so I
zwin> went with shorter names.
... until you synchronise your database with some other project that
just happens to have a branch called 'marocode'. The convention of
having your comain baked into the branch names isn't there to annoy
you, there's a very real reason. Actually, if you happen to look into
the monotone repository some day, you will notice that it started out
with a branch called 'monotone'. I guess the developper learned :-).
zwin> I think we'd need some form of short/long branch names or some
zwin> user aliases for the branch names or a project name (the long
zwin> stuff) and a branch name within the project. The goal would be
zwin> to specify the long stuff with the url only once...
Well, considering the operations where branches are commonly specified
save those branch names as a default, you really don't need to specify
them that often. However, there was some talk about having local
short aliases for the standard branches a while ago. I wonder what
happened with that discussion.
Cheers,
Richard
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte address@hidden
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
- [Monotone-devel] private key needed for sync?, Zbynek Winkler, 2005/06/07
- Re: [Monotone-devel] private key needed for sync?, Matthew A. Nicholson, 2005/06/07
- Re: [Monotone-devel] private key needed for sync?, Brian Campbell, 2005/06/07
- [Monotone-devel] Large-scale usage (was: private key needed for sync?), Peter Simons, 2005/06/09
- Re: [Monotone-devel] Large-scale usage (was: private key needed for sync?), Nathaniel Smith, 2005/06/09
- Re: [Monotone-devel] Large-scale usage, Zbynek Winkler, 2005/06/10