monotone-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Monotone Security

From: Daniel Carrera
Subject: Re: [Monotone-devel] Monotone Security
Date: Wed, 15 Oct 2008 20:25:18 +0200
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914) 
Peter Stirling wrote:
Presumably the issue is not when it's only one revision. If you are intent on malice then you could add 10,000,000 revisions, at which 
point calling kill_rev_locally will be rather more effort, especially
if the revisions are signed by a (compromised or otherwise) key which
had some revisions that you don't want to delete.
Ok. So the encumberance attack becomes something more like a DOS attack. Could you not use selectors to delete everything more recent than a certain date that was signed by the compromised key? 

Daniel.
PS: For those who missed my first email, here's the link to the article I wrote: 

http://daniel.carrera.name/Monotone_Security/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]