[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] key management
From: |
Thomas Keller |
Subject: |
Re: [Monotone-devel] key management |
Date: |
Mon, 09 Aug 2010 13:35:31 +0200 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.1.11) Gecko/20100714 SUSE/3.0.6 Lightning/1.0b2pre Thunderbird/3.0.6 |
Am 07.08.2010 20:40, schrieb Stephen Leake:
> Stephen Leake <address@hidden> writes:
>
>> Ok. So 'automate get_public_key' should output the packet format, _not_
>> basic_io. That is very easy to implement.
>>
>> 'automate remove_public_key' is an automate version of 'dropkey', but
>> only removes public keys from the database. That's also easy to implement.
>
> This is now implemented, in nvm.key_management. Test in
> tests/automate_key_manage, renamed from automate_read_packets.
Ok, I'll review this later.
> I used the command names 'automate pubkey', 'automate dropkey', to match
> the corresponding non-automate commands.
>
> 'automate dropkey' drops the private key if present, as non-automate
> does. I didn't see any reason to change the behavior.
Ouch - that might not be a good idea. This would e.g. enable the
deletion of the key which is used to authenticate the server, rendering
a running monotone instance completely useless. We cannot even restrict
the execution of this command by argument easily, ie. I don't want to
tell server admins to expand their get_remote_automate_permitted() hook
to specifically exclude the key id for this new command, this is way too
harmful if forgotten.
So please, either split the functionality in two commands
(drop_public_key / drop_private_key) or disable key deletion over
automate. In the former case we could at least give sensible hints for a
server admin to disallow the drop_private_key command completely.
> I wasn't sure where to put 'automate dropkey' and 'automate pubkey' in
> monotone.texi; the 'packets' or 'automate' section. They are in
> 'automate' for now.
All automate commands belong in the automate section.
Thomas.
--
GPG-Key 0x160D1092 | address@hidden | http://thomaskeller.biz
Please note that according to the EU law on data retention, information
on every electronic information exchange might be retained for a period
of six months or longer: http://www.vorratsdatenspeicherung.de/?lang=en
signature.asc
Description: OpenPGP digital signature
- [Monotone-devel] nvm.options, Stephen Leake, 2010/08/05
- Re: [Monotone-devel] nvm.options, Thomas Keller, 2010/08/05
- Re: [Monotone-devel] nvm.options, Stephen Leake, 2010/08/05
- [Monotone-devel] key management, Stephen Leake, 2010/08/05
- Re: [Monotone-devel] key management, Thomas Keller, 2010/08/06
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/06
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/09
- Re: [Monotone-devel] key management,
Thomas Keller <=
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/09
- Re: [Monotone-devel] key management, Thomas Keller, 2010/08/10
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/10
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/18
- Re: [Monotone-devel] key management, Thomas Keller, 2010/08/18
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/18
- Re: [Monotone-devel] key management, Stephen Leake, 2010/08/23