Brian May spake unto us the following wisdom: > I would simplify this to a even more common problem: > > Person A, after numerous contributions to the project discovers is > laptop computer has been stolen, and as such cannot be sure the security > of his private key is still intact. > > He wants to be able to indicate to the project at large that all > existing revisions are Ok, but future revisions are not. > > How does monotone tell which are the old revisions and which are the new > ones? Note: You cannot trust the time saved in certificates, it is > trivial to update the system clock to an earlier date and commit changes. > > Maybe just mark the key as bad and require somebody manually resign all > good code with a good key?
Note that it is actually sufficient to sign only the newest known good
revisions, and the transitive closure of the revision graph will
capture all good revisions.
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
signature.asc
Description: Digital signature
_______________________________________________ Monotone-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/monotone-devel
