[Monotone-devel] Merging branch to allow duplicate key names, have certs

From: Timothy Brownawell
Subject: [Monotone-devel] Merging branch to allow duplicate key names, have certs use key hash
Date: Fri, 14 Aug 2009 05:04:08 +0000

I think branch net.venge.monotone.keys-by-hash is ready now.

The central change is that certs contain a key hash instead of a key
name, to get rid of the problem with key collisions.

Since this explicitly allows for duplicate key names, hooks that operate
on keys get a table containing "id" (the key hash), "name" (a local
name, given by another hook), and "given_name" (the name given when
creating the key).

'genkey' and 'automate genkey' will still error out if the key already
exists, to reduce the chances for accidental confusion. This can be
circumvented by not providing a database, and, if you really want to, by
temporarily moving the existing key file out of your key store.

'ls certs' and 'ls tags' now print the first few digits of the key hash
along with the name.

'automate certs' prints the key hash where it printed the key name
before, and 'automate keys' lists both local and given names instead of
only one name.

The 'trusted' command requires the listed keys to actually exist,
because it looks them up to have all three of name/id/given_name
available. Would it be worthwhile coming up with a syntax to give all 3
so imaginary keys can be checked?

This does require a netsync flag day, because certs on the wire contain
a key hash instead of a key name now (just like certs in the db).
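
Added example, not part of the original post and not monotone's own code: a small Python model of the trust decision described above, showing why a cert that identifies its signer by key hash stays unambiguous when two keys share a name. The `KeyStore` class, the function names, the sample keys and the use of SHA-1 over raw bytes as the key hash are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class KeyIdentity:
    id: str          # key hash, the value a cert now carries
    name: str        # local name (assigned locally, e.g. by a hook)
    given_name: str  # name chosen when the key was created

def key_hash(public_key: bytes) -> str:
    # Assumption: SHA-1 of the raw bytes stands in for monotone's real key hash.
    return hashlib.sha1(public_key).hexdigest()

class KeyStore:
    def __init__(self):
        self._by_id = {}

    def add(self, public_key: bytes, given_name: str, local_name: str = "") -> KeyIdentity:
        ident = KeyIdentity(key_hash(public_key), local_name or given_name, given_name)
        self._by_id[ident.id] = ident
        return ident

    def lookup(self, key_id: str) -> KeyIdentity:
        # Unknown keys are an error: there is nothing to derive name/given_name from.
        if key_id not in self._by_id:
            raise KeyError(f"no such key: {key_id}")
        return self._by_id[key_id]

def trusted_by_name(signer_name: str, trusted_names: set) -> bool:
    # Old model: the cert names its signer, so any key with that name matches.
    return signer_name in trusted_names

def trusted_by_hash(store: KeyStore, signer_id: str, trusted_ids: set) -> bool:
    # New model: the cert carries the key hash; names are only for display.
    return store.lookup(signer_id).id in trusted_ids

def demo():
    store = KeyStore()
    # Constructed sample keys: two different keys created with the same name.
    alice = store.add(b"constructed-public-key-A", "alice@example.com")
    other = store.add(b"constructed-public-key-B", "alice@example.com", "alice-laptop")
    old = [trusted_by_name(k.given_name, {"alice@example.com"}) for k in (alice, other)]
    new = [trusted_by_hash(store, k.id, {alice.id}) for k in (alice, other)]
    return old, new, other

if __name__ == "__main__":
    print(demo())
```

In this model the name-based check accepts certs from both keys, while the hash-based check accepts only the key whose hash was explicitly trusted.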
