Robert White wrote:
> In my humble opinion I don't find the use of email address to key id to be
> an issue. It makes reasonable sense and it is memorable and meaningful
> to all the users.

The assumption is that for any email address, there will only ever be one key. If this assumption was true, I suspect your issue wouldn't be a problem.

Unfortunately it is not a valid assumption, and there are a number of different reasons why one email address might have more than one key. Examples I can think of right now include:

   * key is compromised, so user needs to get a new key to sign in new
     commits (trusting old commits is another issue).
   * different security requirements on different computers. For
     example you might want to use monotone on some projects on a
     shared laptop, which isn't secure enough for other projects, so
     you create two keys, one for the laptop, one for the desktop.
   * ability to revoke key from laptop computer if laptop becomes
     stolen but continue using other key from desktop.

Brian May
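
The point made in the message above, as an added example that is not part of the original post and is not monotone's own code: a registry that identifies each key by a hash of its public key and treats the email address as a non-unique label, so that one address can carry a laptop key and a desktop key and either can be revoked on its own. The `KeyRegistry` class, the SHA-256 key id and the `dev@example.org` address are assumptions made for illustration.

```python
import hashlib

class KeyRegistry:
    """Keys are identified by a hash of the public key; the email is only a label."""

    def __init__(self):
        self._keys = {}        # key_id -> (email, public_key_bytes)
        self._revoked = set()  # key ids that are no longer trusted

    @staticmethod
    def key_id(public_key: bytes) -> str:
        # Assumption of this example: SHA-256 of the raw key bytes is the id.
        return hashlib.sha256(public_key).hexdigest()

    def add(self, email: str, public_key: bytes) -> str:
        kid = self.key_id(public_key)
        self._keys[kid] = (email, public_key)
        return kid

    def revoke(self, kid: str) -> None:
        if kid not in self._keys:
            raise KeyError(kid)
        self._revoked.add(kid)

    def ids_for(self, email: str) -> list:
        """All non-revoked key ids carrying this email label (0, 1 or many)."""
        return sorted(k for k, (e, _) in self._keys.items()
                      if e == email and k not in self._revoked)

    def resolve(self, email: str) -> str:
        """Map an email to exactly one key id; refuse to guess when ambiguous."""
        ids = self.ids_for(email)
        if len(ids) != 1:
            raise LookupError(f"{email}: {len(ids)} usable keys, name one by id")
        return ids[0]

def demo():
    reg = KeyRegistry()
    # Constructed placeholder key material, not real public keys.
    laptop = reg.add("dev@example.org", b"constructed-laptop-public-key")
    desktop = reg.add("dev@example.org", b"constructed-desktop-public-key")
    try:
        reg.resolve("dev@example.org")
        ambiguous = False
    except LookupError:
        ambiguous = True   # two keys share the address, so the email alone is not an id
    reg.revoke(laptop)     # laptop stolen: only that key is dropped
    return ambiguous, reg.resolve("dev@example.org") == desktop
```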


_______________________________________________
Monotone-devel mailing list
[email protected]
http://lists.nongnu.org/mailman/listinfo/monotone-devel