|
From: | Brian May |
Subject: | Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL |
Date: | Mon, 20 Oct 2008 11:06:22 +1100 |
User-agent: | Thunderbird 2.0.0.17 (X11/20080925) |
Ethan Blanton wrote:
I think fixing this would be well worth it even if it did mean making backwards incompatible changes.Unfortunately, changing key IDs to something more sensible (such as hashes, as used in most crypto systems) will require a re-issuance of all certs, which is a pretty big deal. Because of this, it has been put off until other backwards-incompatible changes which are known to be necessary can also be implemented, so that there needs to be only one more flag day in the foreseeable future.
What other backwards-incompatible changes are we considering? Maybe we should create a list somewhere?
My wish list for monotone, I am not sure if any of these involve backward incompatible changes:
* use hashes for keyids. * undelete deleted files. * redesign certain certificates. e.g. so you can find out when somebody added a branch certificate to a revision, or when somebody added a changelog entry. Maybe every certificate should have a timestamp.(for the last part, yes I understand timestamps are dependant on the clocks being accurate in all computers, for many projects this isn't a problem).
Side note: What is the point of the "author" certificate? It seems a bit redundant to me, as everything is signed with the authors key anyway...
Brian May
[Prev in Thread] | Current Thread | [Next in Thread] |