[Monotone-devel] Re: key trust

[Bruce Stephens]

Richard Levitte - VMS Whacker <address@hidden> writes:

[...]

> No, I was thinking of making good use of things like policy attributes
> at assign roles or rights to a certificate holder.  But sure, if you
> want, there's always the possibility of coupling the whole thing with
> a replicated LDAP repository and do the math with it :-).

But if your certificate has all those decorations then it's probably
not so usable for other purposes, so I'd guess that would diminish the
"single signon" type argument for using X.509?

I suspect that if monotone had an ssh-agent type system (maybe even
one that actually used ssh-agent, whether or not it used ssh keys),
then a lot of the irritation with using monotone-specific keys would
go?

> But you'll have to wait until that RFC is implemented in OpenSSL :-).

OK, not for a couple of weeks, then?

[...]