[EMAIL PROTECTED] writes: [...]
> Maybe, when everything has to be recertified because of a change in > the way things are certified, what we need is a new-style > certificate that certifies that the object had been properly > certified. That wat the new certificate could be signed by a new > signer and contain the information that the original one had been > signed by whoever signed it. This decouples somewhat the identity > of the person responsible for the original content from trust in the > person signing the new ceriticate. Maybe. My guess is that the monotone cabal would argue that that's a lot of complexity for events that (they hope) will be rare, that complexity in security systems is bad, and that this would be mostly to support the current trust stuff which isn't really very good anyway. Maybe there's a general utility in allowing people to attach certs to certs, or something like that. Maybe just to add their own signatures to existing certs? I don't think it's obviously a good idea, though. (There is no monotone cabal, of course.) _______________________________________________ Monotone-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/monotone-devel
