[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Security is hard. Let's work on policy branches any

From: Brian May
Subject: Re: [Monotone-devel] Security is hard. Let's work on policy branches anyway.
Date: Tue, 23 Jan 2007 13:10:30 +1100
User-agent: Gnus/5.110006 (No Gnus v0.6) XEmacs/21.4.19 (linux)

>>>>> "Timothy" == Timothy Brownawell <Timothy> writes:

    Timothy> You don't identify the key by a human-readable
    Timothy> name. Instead, you identify it by its hash, and there's a
    Timothy> users/ section in the policy tree that maps the hash to
    Timothy> something human-readable for UI purposes. So you rename
    Timothy> the lost key, and add the new one (maybe even with the
    Timothy> same name).

Unfortunately, as currently implemented, get_netsync_read_permitted
and get_netsync_write_permitted (and probably others), use the
human-readable name, not the hash.

In fact, according to the documentation, what you describe cannot
happen, as it is not possible to have more then one key share the same
human readable name:

      "Note that the identity value is a key ID (such as
      "address@hidden") but will correspond to a unique key
      fingerprint (hash) in your database. Monotone will not permit
      two keys in your database to have the same ID. Make sure you
      confirm the key fingerprints of each key in your database, as
      key ID strings are "convenience names", not security tokens."

What you say does sound to me to be like the right solution.
Brian May <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]