Re: [Monotone-devel] Re: [RFC] versioned policy -- introduction

[Daniel Carosone]

On Thu, Sep 07, 2006 at 09:28:30PM -0700, Nathaniel Smith wrote:
> This is a nice property, and it'd be cool to be able to use it as a
> selling point, but I'm actually not sure that it's at all unique.  The
> approach that most DVCSes use for trust etc. is to make each and every
> person and branch its own trust domain: a complete fork, effectively.

Very much so. Without the persistent trusts on historical revisions
based on certs, when i merge with someone else, I implicitly trust not
only their merging efforts and decisions with others, but also the
integrity of their historical record for revisions they're passing on
to me.  

Monotone allows me to separate these two things, and the difference
between the two is the difference between looking at someone's code
and trusting someone's project (or personal) infrastructure.

> The problem for them is building a coherent community as a layer on
> top of these scattered trusts.

I think that's a problem for both, and the problem we're trying to
tackle with the policy branches.  I think the problem the other tools
face is building a coherent history on top of scattered tampering, but
perhaps some have added certified revisions since I last looked (I
know some had gpg-signed patch sets).

I think they also face other problems by collapsing several trust
decisions into the sync/merge step, like putting trust and merge
obstacles in the path of a quick backup sync.  

--
Dan.

pgpsWCYjggXmQ.pgp
Description: PGP signature