In message [EMAIL PROTECTED] on Tue, 24 Oct 2006 20:07:32 -0500, Timothy
Brownawell [EMAIL PROTECTED] said:
tbrownaw So I think built in encryption would be a good thing.
tbrownaw
tbrownaw Yes, not everyone will (easily) be able to use those
tbrownaw alternatives. But AIUI it'd also be a
On Wed, Oct 25, 2006 at 11:53:33AM +1000, Daniel Carosone wrote:
On Tue, Oct 24, 2006 at 08:07:32PM -0500, Timothy Brownawell wrote:
VPN - extra overhead and installation can be clumsy.
Yeah, but if your code is secret enough that you're worried about people
using packet sniffing to get
On Wed, Oct 25, 2006 at 06:02:30AM -0300, Jeronimo Pellegrini wrote:
Personally, if
it is something really secret, I wouldn't trust any datacenter to handle
my server except if their sysadmins could have access to my content or to
could not, of course. :-)
J.
In message [EMAIL PROTECTED] on Wed, 25 Oct 2006 00:00:08 -0700, Nathaniel
Smith [EMAIL PROTECTED] said:
njs On Wed, Oct 25, 2006 at 08:46:48AM +0200, Richard Levitte - VMS Whacker
wrote:
njs Doesn't Botan have facilities to make such things easy? I was under
njs the impression that it
Poking through the Botan sources, I saw that it supports AES all the
way through 256 bit keys, and there seems to be support for the
various modes of encryption (CBC, CFB, etc.), so once the session
keys are setup, the rest should be pretty easy. I vaguely remember
something about RSA and
Hi,
Cem Karan wrote:
Poking through the Botan sources, I saw that it supports AES all the
way through 256 bit keys, and there seems to be support for the
various modes of encryption (CBC, CFB, etc.), so once the session keys
are setup, the rest should be pretty easy. [...]
The question is
In message [EMAIL PROTECTED] on Wed, 25 Oct 2006 14:28:56 +0200, Dirk
Hillbrecht [EMAIL PROTECTED] said:
dh Hi,
dh
dh Cem Karan wrote:
dh Poking through the Botan sources, I saw that it supports AES all the
dh way through 256 bit keys, and there seems to be support for the
dh various modes
As for encrypting the database, protecting the hosts, etc
truthfully, I'm not too worried about that from Monotone's
standpoint. I mean, is it Monotone's fault if someone loses their
laptop, or if someone puts some malware onto a computer that acts as
a keylogger?
If you can
Jeronimo Pellegrini wrote:
If you can label computers as trusted and posibly hostile, then
you can encrypt the database -- and never checkout or have the
clear version on the hostile hosts. You would only decrypt it in trusted
hosts where you'd keep your workspace. A solution based on
[EMAIL PROTECTED] wrote:
I'm sorry I didn't write what I was thinking. :-) I didn't really mean it's
a substitute for channel encryption always. I just meant that it may substitute
connection enrcyption if you're not worried about others knowing that
you store a Monotone database on the server.
Ulf Ochsenfahrt [EMAIL PROTECTED] wrote:
I meant: monotone should drop it's proprietary message signing and
use GPG instead. :D
I used to think that, but I have since abandoned this idea. Why? I
was convinced otherwise. If you check out the FAQ, you'll get your
answer as to why monotone
On Wed, Oct 25, 2006 at 10:09:39PM +0200, Ulf Ochsenfahrt wrote:
[EMAIL PROTECTED] wrote:
Yes, and I don't think it's a problem.
I was just critizising that encrypting the database may not be the
appropriate measure for the current use case. And then again, it might
be. Sorry if I came
Jeronimo wrote:
On Wed, Oct 25, 2006 at 06:08:04PM -0300, Jeronimo Pellegrini wrote:
That would be O (RSA x users) every time you commit... Is it necessary?
(Or DSA, or whatever other asymetric algorithm)
Just so I write it correctly:
The time would be O ( R x U ) per commit, where
R = time
On Thu, Oct 26, 2006 at 12:08:22AM +0200, Ulf Ochsenfahrt wrote:
Jeronimo wrote:
On Wed, Oct 25, 2006 at 06:08:04PM -0300, Jeronimo Pellegrini wrote:
That would be O (RSA x users) every time you commit... Is it necessary?
(Or DSA, or whatever other asymetric algorithm)
Just so I write it
Daniel == Daniel Carosone [EMAIL PROTECTED] writes:
Yeah, but if your code is secret enough that you're worried
about people using packet sniffing to get at deltas (not even
complete files), then you probably already *have* a VPN set up
to redirect everything you do through
On Tue, 2006-10-24 at 14:50 -0400, Cem Karan wrote:
Hi all, I've been asked by my boss to evaluate various SCM options to
see what fits our needs best. I found Monotone via the Better SCM
Initiative (http://better-scm.berlios.de/comparison/), and it looks
like it fits our needs quite
Timothy == Timothy Brownawell Timothy writes:
Timothy IIRC part of the problem is that (many/most) ssl
Timothy libraries supposedly tend to not get along well with
Timothy async sockets, and then there's also the just use vpn or
Timothy a LD_PRELOADed encryption library argument.
On Tue, Oct 24, 2006 at 08:07:32PM -0500, Timothy Brownawell wrote:
VPN - extra overhead and installation can be clumsy.
Yeah, but if your code is secret enough that you're worried about people
using packet sniffing to get at deltas (not even complete files), then
you probably already
18 matches
Mail list logo