monotone-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Re: WARNING: ~/.monotone/keys CONSIDERED HARMFUL


From: Markus Wanner
Subject: Re: [Monotone-devel] Re: WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Date: Tue, 21 Oct 2008 10:23:55 +0200
User-agent: Thunderbird 2.0.0.16 (X11/20080916)

Hi,

Brian May wrote:
> You need to use email addresses in order to answer the question "Who
> signed this revision?"

Huh? No, your key id can be pretty much any string you want it to be.
Monotone certainly doesn't bind that to email addresses exclusively.
It's just common practice.

> I could imagine setting up a database with false email addresses for the
> keys, so anybody who syncs from my database gets these keys and may get
> mislead as to how made the changes.

Why mislead? I could use the key id "Markus_Wanner". If you get the
public part of that key and trust it is really me, you can perfectly
well use that to validate my signatures.

> As far I am aware there isn't any
> user visible way at the moment to test two keys are the same, we rely on
> the keyid which could be falsified.

That's certainly an agreed short-coming, yes.

> They is also no way to tell what key
> signed a particular revision, apart from its keyid.

Well, that is based on the assumption that no two keys have the same key
id. As long as that's true, you don't need any other way.

> The only part of this I am not sure of - is how monotone behaves if it
> notices a keyid has a different key during a sync operation.

My guess is, that the key won't be transferred (or checked), but the
certs transferred are then checked against the wrong key and dismissed
as untrusted.

> Then the next part required would be some way of securely mapping the
> key id to a user - they are a number of different ways this could be
> done. Once we use hashes for keyids that is.

Huh? How should that be possible? Isn't it sufficient exchanging known
public keys during netsync?

Regards

Markus Wanner





reply via email to

[Prev in Thread] Current Thread [Next in Thread]