Daniel Carrera wrote: > Thanks for the links. It looks like Mercurial is like git: one can use > gpg to sign a revision (and implicitly, its history). In which way are > signatures more pervasive in monotone?
Every single commit is digitally signed, and the signature and trust of each key is checked every time: a revision signed by an untrusted key will not even appear to exist. Signing a specific version implicitly certifies all the previous history, but only as far as the people signing is *aware* of every single past change; OTOH having a signature on each and every single commit can immediately lead to the "offender" in case of problems. (ok, mtn doesn't sign revisions but only certs: metadata about revisions, but since every revision has 3 certs by default, every revision is usually at least triple-signed by every committer) (yes, the same revision can have multiple committers, if they did change exactly the same bytes of the same files, they produced the same revision; this happens most often on "clean merges" or if both applied a third-party patch) > So, when I run 'mtn commit' Monotone is not signing anything? I couldn't > find a sign command for Monotone so I assumed that every commit was signed. It's signing certs of this general form: (revision hash, cert name, cert value) I think "mtn commit" by default signs a "branch" cert, a "date" cert, an "author" cert and optionally a "changelog" cert. Since the "revision hash" is criptographically strongly itself, the revision is indirectly "certified" as well, even though not "directly signed". > Intrusion is a very rare event and if I have to > jot down a hash every day (I upload every day) I might keep it up for a > month or two and then I'll stop doing it. That's why I think it's good for a tool to be a little slower, but always do all the *proper* check on data. =) > I don't know if any RCS has this feature, but I would really like to be > informed if something has changed. If the server is compromised, I want > to hear about it. If any (relevant) bit of your storage flipped or (even worse) if someone tampered your repository, monotone will complain very loudly on the next checkout or commit, and probably also on every update. -- Lapo Luchini - http://lapo.it/ “You don't have to distrust the government to want to use cryptography.” (Phil Zimmermann) _______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/monotone-devel
