Re: [Monotone-devel] Re: speed of "mtn ls branches"

[Zack Weinberg]

On Jan 18, 2008 5:38 AM, Lapo Luchini <address@hidden> wrote:
> We should maybe trade in some "security" with speed, e.g. mantaining a
> DB table with a "cache of valid and not suspended branches".

I'm seriously wondering whether we oughtn't to cache validity for
*all* certs in the local database.  Or perhaps go even further and
refuse to store "bogus" certs at all.

Pro: would speed up just about everything.
Con: we lose protection against database corruption and possibly
against local attacks (anyone who can do "mtn db execute" can bork a
certificate - I actually used this in a test case recently).

Perhaps there is a middle ground, where we continue to do the
checksum, but not the digital signature validation, except when we
first hear about a cert.

zw