monotone-devel

Re: [Monotone-devel] Key identities...


From: Ethan Blanton
Subject: Re: [Monotone-devel] Key identities...
Date: Mon, 5 Nov 2007 09:30:23 -0500
User-agent: Mutt/1.5.13 (2006-08-11)

Nathaniel Smith spake unto us the following wisdom:
> It already does error out if you try to put two keys with the same
> name into the same db.  I'm not quite sure how the developer in
> question managed to achieve this -- maybe Ethan will explain in more
> detail.  It sounds like he once upon a time generated a key, issued
> some certs, and then erased that key and used another key for all
> actual work -- and now, much later, somehow managed to accidentally
> release one of those old certs into the wild.  I don't know if the db
> that the bad cert came from even contained the offending key or not.

It was an unfortunate occurrence; the developer in question created a
monotone key and sent it to me so that I could grant push access, but
unfortunately sent me his *private* key.  I advised him to destroy the
key and generate a new one, and send me only the public portion with
'mtn pubkey'.  He did so, and I uploaded it.

Now, in the meantime we determined that he had signed a revision using
the old key, and I gave him explicit instructions on how to destroy
that revision before syncing; however, he apparently did not follow
them, and thus when he synced his "good" revisions, the "bad" revision
made it in as well.

This really isn't the sort of thing that should happen with any
regularity, but it's at least the second time it's happened with
Pidgin; the first time was before our monotone went public, so cleanup
was trivial.  This time was a bit more of a fire drill.

Protecting the database from receiving a second key with the same ID
would not have helped, in this instance.

The real problem here was not the revision with the bum certs (what's
a few k of junk in the database?), but the fact that monotone
complained about it any time the offending branch was touched; perhaps
this would have become less frequent as the revision in question moved
farther from the head, I don't know.

Ethan

-- 
The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
                -- Cesare Beccaria, "On Crimes and Punishments", 1764

Attachment: signature.asc
Description: Digital signature

