Re: [Monotone-devel] [stupid user question] Renaming a tag?

[Jack Lloyd]

On Tue, Apr 01, 2008 at 01:34:26PM -0400, Zack Weinberg wrote:

> As Bruce points out, it may be possible to request that everyone
> manually delete the cert from their own repositories, but this is a
> major nuisance for everyone (e.g. personally, this would involve
> *finding* all the repositories I've got, on multiple computers).

I did know about kill_tag_locally (and use it sometimes), but to
expect it to be useful in the scenario where the tag was on a publicly
readable repo is not reasonable IMO (even if not maliciously, it will
someday get synced back to you)

> And yes, this is something that is meant to be addressed within the
> general "policy branches" umbrella.  -- Part of why so many things are
> bundled under that umbrella, by the way, is that they all may involve
> a cert-reissuing flag day, and we try very hard to minimize the number
> of those.

A tangentional question about certs: why are there so many of them?
mtn ls certs shows 4 certs on most revisions - author, branch, the
changelog contents, and the date. It seems strange to generate and
verify (and store and transmit!) signatures on these things,
especially considering that they don't actually contain that much
data. Why not combine them into a single revision object of

  author/originator
  date
  SHA-1 of changelog contents (contents treated like a file)
  branch
  <merge certs here? simply other branch certs?>
  keyid
  <signature of above>

(Aside from avoiding a flag day, of course)

-Jack