[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Re: Using monotone in a team
From: |
hendrik |
Subject: |
Re: [Monotone-devel] Re: Using monotone in a team |
Date: |
Thu, 30 Nov 2006 11:32:46 -0500 |
User-agent: |
Mutt/1.5.9i |
On Thu, Nov 30, 2006 at 12:24:27AM -0600, Timothy Brownawell wrote:
> On Thu, 2006-11-30 at 17:06 +1100, Brian May wrote:
> > >>>>> "Daniel" == Daniel Carosone <address@hidden> writes:
> >
> > Daniel> Again, it's not about permissions to change things, it's
> > Daniel> about whether your trust (ie, how you pay attention to)
> > Daniel> what they do.
> >
> > Daniel> In this context, this means that everyone accepts changes
> > Daniel> in the junior branch from junior and denior developers,
> > Daniel> and in the main branch only from the senior developers.
> > Daniel> More specifically, that I only trust main-branch certs
> > Daniel> signed by senior developers.
> >
> > Daniel> From time to time, a senior developer looks at revs in the
> > Daniel> junior branch.
> >
> > What happens if a trusted developer's key becomes compromised
> > (e.g. laptop stolen) or the developer becomes untrustworthy
> > (e.g. fired)?
> >
> > Can you somehow say that old signatures are still valid, but new ones
> > aren't?
>
> Define "new" (monotone has no concept of time).
Except for a partial order of revisions after other revisions. You
could still give a list of recent valid revisions and let the partial
order fend a lot of older revisions whose certs would also be valid.
>
> The only way we really have is to take some other key (quite possibly
> specially generated for this, and then never used again), and reproduce
> all the certs that you do want to trust. (Well, you *could* give the
> trust hooks a list of all the known-good certs, but that gets really
> ridiculous really fast.)
>
> > Hmm. Need to think about this more.
> >
> > Having every certificate contain a time and date stamp would be a good
> > start - but then you have to trust the computer clock that creates
> > every signature.
>
> Which has historically been enough for us to discard this idea as
> unworkable.
>
> --
> Timothy
>
> Free (experimental) public monotone hosting: http://mtn-host.prjek.net
>
>
>
> _______________________________________________
> Monotone-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/monotone-devel
- Re: [Monotone-devel] Using monotone in a team, (continued)
- Re: [Monotone-devel] Using monotone in a team, Daniel Carosone, 2006/11/29
- Re: [Monotone-devel] Re: Using monotone in a team, Daniel Carosone, 2006/11/30
- Re: [Monotone-devel] Re: Using monotone in a team, Brian May, 2006/11/30
- Re: [Monotone-devel] Re: Using monotone in a team, Timothy Brownawell, 2006/11/30
- Re: [Monotone-devel] Re: Using monotone in a team, Nathaniel Smith, 2006/11/30
- Re: [Monotone-devel] Re: Using monotone in a team,
hendrik <=
- Re: [Monotone-devel] Re: Using monotone in a team, Timothy Brownawell, 2006/11/30
- Re: [Monotone-devel] Re: Using monotone in a team, hendrik, 2006/11/30
- [Monotone-devel] Re: Re: Using monotone in a team, Boris, 2006/11/30
- Re: [Monotone-devel] Re: Re: Using monotone in a team, Daniel Carosone, 2006/11/30
- Re: [Monotone-devel] Re: Re: Using monotone in a team, Hugo Cornelis, 2006/11/30
- [Monotone-devel] Re: Re: Re: Using monotone in a team, Boris, 2006/11/30
- Re: [Monotone-devel] Re: Re: Re: Using monotone in a team, Timothy Brownawell, 2006/11/30
- [Monotone-devel] Re: Re: Re: Re: Using monotone in a team, Boris, 2006/11/30
- Re: [Monotone-devel] Re: Re: Re: Re: Using monotone in a team, Timothy Brownawell, 2006/11/30
- Re: [Monotone-devel] Re: Re: Using monotone in a team, Daniel Carosone, 2006/11/30