Re: [Monotone-devel] cause of bad cert signatures and how to prevent the

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] cause of bad cert signatures and how to prevent the

From:	Marcel van der Boom
Subject:	Re: [Monotone-devel] cause of bad cert signatures and how to prevent them?
Date:	Thu, 7 Jul 2005 10:09:42 +0200

On 7 jul 2005, at 7:17, Nathaniel Smith wrote:

Because monotone's philosophy is to defer trust checking to individual
users; so netsync just shuffles information around, so that people
will have the appropriate information available to make their own
decisions.  So it doesn't check certs or do anything with trust.

Is there a better procedure for handling this?


How about, don't handle it at all?  Some invalid certs don't hurt
anything; monotone will just ignore them.  (I guess the warnings might
be a little annoying, though; I guess that's a bug in monotone.)

It's more than a just a warning, db check calls it a serious problemeven:


$ mt db check
monotone: [files: 493]
monotone: [manifests: 284]
monotone: [revisions: 285]
monotone: [ancestry: 287]
monotone: [revisions: 1]
monotone: verifying new revisions (this may take a while)
monotone: [revisions: 285]
monotone: [keys: 6]
monotone: [certs: 1142]

monotone: revision fb2bd876ccfca98058db6cecc6108ea3b029cbc1 badsignature in branch cert from key address@hiddenmonotone: revision fb2bd876ccfca98058db6cecc6108ea3b029cbc1 badsignature in author cert from key address@hiddenmonotone: revision fb2bd876ccfca98058db6cecc6108ea3b029cbc1 badsignature in date cert from key address@hiddenmonotone: revision fb2bd876ccfca98058db6cecc6108ea3b029cbc1 badsignature in changelog cert from key address@hidden

monotone: warning: 4 bad signatures

monotone: check complete: 493 files; 284 manifests; 285 revisions; 6keys; 1142 certs

monotone: total problems detected: 4 (4 serious)
monotone: error: serious problems detected

(and it breaks mtnview also, btw)

Overall, the trust stuff is not yet fully baked; I'm speaking in terms
of general principles because we haven't really worked out all the
details of how this should work :-).  But there's nothing _bad_ about
having certs that monotone ignores; in the future that should be how
trust works...

Ok, i'm actually happy with the warning, because obviously somethinghappened which is not meant to happen. Other than ignoring the certs,the revision is treated normally? I would have guessed that therevision would be ignored too?

Given that, is there a way to 're-sign' those certificates to get ridof the warnings and make mtnview happy again?


marcel

smime.p7s
Description: S/MIME cryptographic signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] cause of bad cert signatures and how to prevent them?, Marcel van der Boom, 2005/07/06
- Re: [Monotone-devel] cause of bad cert signatures and how to prevent them?, Nathaniel Smith, 2005/07/07
  - Re: [Monotone-devel] cause of bad cert signatures and how to prevent them?, Marcel van der Boom <=

Prev by Date: Re: [Monotone-devel] [PATCH] "monotone ls changed"
Next by Date: Re: [Monotone-devel] ANNOUNCE: monotone 0.20
Previous by thread: Re: [Monotone-devel] cause of bad cert signatures and how to prevent them?
Next by thread: [Monotone-devel] Re: monotone 0-20 build failure ( FC4 )
Index(es):
- Date
- Thread