[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Monotone-devel] Re: How to get the newest cert beginning with a certain

From: graydon hoare
Subject: [Monotone-devel] Re: How to get the newest cert beginning with a certain substring?
Date: Wed, 02 Feb 2005 16:11:09 -0500
User-agent: Mozilla Thunderbird 1.0 (X11/20041206)

Derek Scherger wrote:

Currently each revision has (or should probably have) at least 4 certs:

    - date
    - author
    - changelog
    - branch

If date and author were added to each cert this could be reduced to 2 certs:

    - changelog
    - branch

and there was some talk on irc recently about how much space all these certs consume due to their cryptographic signatures. Perhaps reducing the cert count by adding date and author info to each cert could help with this problem too?

hm. so then you would have

[id, name, value, author, date, signer,

as the cert? I'm not sure.. in a sense that couples things more, but in a sense it decouples them. it means for example that I can "sign" the fact that njs says a rev should be in a branch. maybe that's true -- it expresses what happens in a rebuild much more accurately for example -- but it makes the trust rule evaluation a bit trickier. what happens if you trust me but not njs? what if you trust njs but not me? hm. perhaps not too tricky. it probably just means

  function trust(cert)
    return trust_signer(cert.signer) &&

an additional thought occurs to me though: considering that you're talking about decoupling the person who made the assertion from the person who signed it, might you also want to decouple the date the assertion was made from the date it was signed? i.e.

[id, name, value,
 author, assertion-date,
 signer, signing-date,

I know that looks longer, but by eliminating the extra signatures from date and author certs (and storing dates and authors non-base64-encoded) it would be both less database space and much more efficient for some things. I can see this having definite benefits. I'm just a bit worried about the semantics.

while we're at it, it might be worth throwing in an algorithm name, since I've been playing with importing gpg keys recently, and most of those are pre-RSA patent expiry, so elgamal/DSA.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]