Re: [Monotone-devel] Re: linus talk on git

[Jack Lloyd]

On Mon, May 21, 2007 at 02:00:09PM +0100, Bruce Stephens wrote:

> The signing doesn't matter, I guess (committing's less common than
> other operations).  And when doing "update" and things, not every cert
> needs to be verified.  IIRC the verification isn't actually that
> significant, when one profiles typical operations.

I wouldn't think so, RSA verification is pretty cheap.

Though as an aside: it appears that the changelog message is its own
cert (looking at 0.35 cert.cc here). Why is that? I would think it
more natural to store that in a hash->string value (like file
contents), and have the revision cert reference the hash. That way you
avoid a sign/verify, and allows you to coalesce common log messages
(just wrote a Perl script to go through the Subversion history on a
repo at work, and found many duplicates like "first revision", "oops",
"bug fix", "checkpoint", etc). Since you avoid the extra signature it
should be an overall space win, too...

Though then again, you wouldn't need to verify those certs anyway
unless you were doing an `mtn log` or similar, a checkout wouldn't
have any need to verify those (does it?)

-Jack