Re: [Monotone-devel] Monotone Security

[Thomas Keller]

Nathaniel Smith schrieb:
> On Thu, Oct 16, 2008 at 9:22 AM, Daniel Carrera <address@hidden> wrote:
>> Reasoning about causality would go a long way: Never trust a revision that
>> is dated earlier than its parent. And it appears to address the specific DOS
>> attacks that Peter found.
> 
> The date on revisions isn't particularly useful, for all the reasons
> people have mentioned.
> 
> Another sort of date is unproblematic and would make recovery from
> such DOSes easy, though -- add an "audit" table to each db that
> records the time (according to the local clock) at which each revision
> arrived in that db. 

This audit table would be useful for other purposes as well, f.e. "show
me all revisions which have been arrived since my yesterday pull".

Thomas.

-- 
GPG-Key 0x160D1092 | address@hidden | http://thomaskeller.biz
Please note that according to the EU law on data retention, information
on every electronic information exchange might be retained for a period
of six months or longer: http://www.vorratsdatenspeicherung.de/?lang=en

signature.asc
Description: OpenPGP digital signature