[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Monotone Security
From: |
Jack Lloyd |
Subject: |
Re: [Monotone-devel] Monotone Security |
Date: |
Thu, 16 Oct 2008 12:38:39 -0400 |
User-agent: |
Mutt/1.5.16 (2007-06-09) |
On Thu, Oct 16, 2008 at 06:22:02PM +0200, Daniel Carrera wrote:
> Jack Lloyd wrote:
>>> Regardless of whether this stops the DOS attack or not, I think that it
>>> is important that the dates on the certificates be trustworthy.
>> That is really really hard. In fact it seems pretty much impossible,
>> especially for backdating. That's because there does not seem to be
>> any obvious way to distinguish between a certificate that I signed a
>> long time ago, and you are now just seeing (due a sync/push), and one
>> that I just now intentionally and maliciously backdated.
>> I think in Monotone is it more useful to reason about causality using
>> the explicit revision graph rather than try to bring trusted global
>> clocks into it.
>
> Reasoning about causality would go a long way: Never trust a revision that
> is dated earlier than its parent. And it appears to address the specific
> DOS attacks that Peter found.
That could easily happen due to a time change, though:
$ mtn ci . -m "Checkin 1"
[Right after this mtn process completes, NTP runs, or someone sets the
date manually, or whatever, and the clock is set back an hour]
$ mtn ci . -m "Checkin 2"
I would think the second checkin should still be considered valid here.
-Jack
- [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/14
- Re: [Monotone-devel] Monotone Security, Timothy Brownawell, 2008/10/14
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/15
- Re: [Monotone-devel] Monotone Security, Peter Stirling, 2008/10/15
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/15
- Message not available
- Message not available
- Re: [Monotone-devel] Monotone Security, Peter Stirling, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Jack Lloyd, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security,
Jack Lloyd <=
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Nathaniel Smith, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Thomas Keller, 2008/10/17
- Re: [Monotone-devel] Monotone Security, Zack Weinberg, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Ethan Blanton, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Zack Weinberg, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carosone, 2008/10/16