
Re: [Monotone-devel] newbie question - SHA1 vs serials


From: Richard Levitte - VMS Whacker
Subject: Re: [Monotone-devel] newbie question - SHA1 vs serials
Date: Tue, 19 Apr 2005 19:11:49 +0200 (CEST)

In message <address@hidden> on Tue, 19 Apr 2005 09:50:57 -0700, "K. Richard 
Pixley" <address@hidden> said:

rich> In other messages, I've agreed that some form of repository 
rich> authentication would solve the problem.  Long term, I think this
rich> sort of feature would be very useful in monotone, even aside
rich> from the issue of man-in-the-middle and imposter attacks.
rich> 
rich> As I read the manual, (the sum of my monotone experience),
rich> monotone is currently vulnerable to these problems already.  And
rich> finding a means of addressing it would seem to be a welcome
rich> addition in any case.

I'm curious.  Do you mind diving into this part?  For example, as it
currently stands and if you have actually made your own implementation
of the lua hook get_revision_cert_trust to only accept revisions from
key identities you have and trust the public half of, how do you
picture a MITM attack working to corrupt your own database?  It
doesn't really matter if your database is served or if you're just
using it as a client to another server.

rich> >You have seen what history can look like with the multi-head
rich> >model monotone uses, have you?
rich> >
rich> I can imagine it without any difficulty, yes.  It'll give most
rich> developers I've ever supported headaches and nightmares and
rich> would likely be the biggest barrier to adoption.

That's an interesting statement, and I assume you speak for yourself.

When I started with monotone, I found this multi-head feature a breath
of fresh air, because it means I don't need to constantly update and
possibly have my own work destroyed because some other person needed
to work in the same place in the source.  Instead, I can calmly work
on my stuff and commit it, then (when my changes are safe in the
repository) I can work on merging what I have committed with the stuff
coming from everyone else.  I can still revert if need be.  I have had
no problems with it since I started using monotone (I've used monotone
since something like September last year).

Simply put, I don't share your sentiment.

rich> Monotone does have some very nice architectural features,
rich> though, especially when compared with other current free
rich> software offerings.

It would actually be nice to hear what you like about monotone (I'm
writing notes for a lecture on monotone, so I want to hear things like
this.  Really, this whole discussion has been a lot of food for
thought so far).

rich> So far I haven't heard any serious problems with serials.  What
rich> problem are you thinking of?

The one where I concluded with "This is a huge problem".  Of course,
that's just my opinion.

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte                         address@hidden
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis



