
[Monotone-devel] Re: linus talk on git


From: Bruce Stephens
Subject: [Monotone-devel] Re: linus talk on git
Date: Mon, 21 May 2007 14:00:09 +0100
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.99 (gnu/linux)

Jack Lloyd <address@hidden> writes:

[...]

> [OT]
>
> I haven't looked into the design of git at all, so this is perhaps a
> stupid question, but does this mean git is then relying more on some
> external factors for authenticity checks, like domain names?

I think it relies more on the overall state of the code: one trusts
intermediate revisions because Linus says the final version's OK.  And
various revisions can be signed (using PGP) IIRC---it's just that they
don't need to be.

> (Initially I thought this might mean Monotone might be signing file
> data, which would indeed be very slow (!), but a quick look at 0.35
> suggests that's not the case at all, so now I'm curious what
> signatures one can get away with removing without seriously
> compromising the ability to calculate meaningful trust metrics on a
> revision or branch).

No, monotone doesn't sign file data---just certs.  But there are
several certs for every revision, so that's quite a bit of signing.
The signing doesn't matter, I guess (committing's less common than
other operations).  And when doing "update" and things, not every cert
needs to be verified.  IIRC the verification isn't actually that
significant, when one profiles typical operations.



