[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Dealing with lost key
From: |
Ethan Blanton |
Subject: |
Re: [Monotone-devel] Dealing with lost key |
Date: |
Sun, 18 Jan 2009 14:53:10 -0500 |
User-agent: |
Mutt/1.5.17+20080114 (2008-01-14) |
Brian May spake unto us the following wisdom:
> I would simplify this to a even more common problem:
>
> Person A, after numerous contributions to the project discovers is
> laptop computer has been stolen, and as such cannot be sure the security
> of his private key is still intact.
>
> He wants to be able to indicate to the project at large that all
> existing revisions are Ok, but future revisions are not.
>
> How does monotone tell which are the old revisions and which are the new
> ones? Note: You cannot trust the time saved in certificates, it is
> trivial to update the system clock to an earlier date and commit changes.
>
> Maybe just mark the key as bad and require somebody manually resign all
> good code with a good key?
Note that it is actually sufficient to sign only the newest known good
revisions, and the transitive closure of the revision graph will
capture all good revisions.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
signature.asc
Description: Digital signature
- [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/15
- Re: [Monotone-devel] Dealing with lost key, Timothy Brownawell, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, Timothy Brownawell, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/17
- Re: [Monotone-devel] Dealing with lost key, Brian May, 2009/01/18
- Re: [Monotone-devel] Dealing with lost key,
Ethan Blanton <=
- Re: [Monotone-devel] Dealing with lost key, dlakelan, 2009/01/21
- Re: [Monotone-devel] Dealing with lost key, Ethan Blanton, 2009/01/22