monotone-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL

From: Brian May
Subject: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Date: Mon, 20 Oct 2008 11:06:22 +1100
User-agent: Thunderbird 2.0.0.17 (X11/20080925) 
Ethan Blanton wrote:

Unfortunately, changing key IDs
to something more sensible (such as hashes, as used in most crypto
systems) will require a re-issuance of all certs, which is a pretty
big deal.  Because of this, it has been put off until other
backwards-incompatible changes which are known to be necessary can
also be implemented, so that there needs to be only one more flag day
in the foreseeable future.
I think fixing this would be well worth it even if it did mean making backwards incompatible changes.
What other backwards-incompatible changes are we considering? Maybe we should create a list somewhere?
My wish list for monotone, I am not sure if any of these involve backward incompatible changes: 

   * use hashes for keyids.
   * undelete deleted files.
   * redesign certain certificates. e.g. so you can find out when
     somebody added a branch certificate to a revision, or when
     somebody added a changelog entry. Maybe every certificate should
     have a timestamp.
(for the last part, yes I understand timestamps are dependant on the clocks being accurate in all computers, for many projects this isn't a problem).
Side note: What is the point of the "author" certificate? It seems a bit redundant to me, as everything is signed with the authors key anyway... 

Brian May
reply via email to
[Prev in Thread] Current Thread [Next in Thread]