Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL

monotone-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL

From:	Brian May
Subject:	Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Date:	Mon, 20 Oct 2008 12:43:25 +1100
User-agent:	Thunderbird 2.0.0.17 (X11/20080925)

Brian May wrote:

I think fixing this would be well worth it even if it did mean makingbackwards incompatible changes.

I thought I should just mention using hashes is only part of thesolution - once hashes are used to identify keys, we would need somesort of hash --> user mapping so we can securely work out what keybelongs to what user.

Hmmm. Now I think about it, I suspect there is currently no realsecurity on mapping keys to email addresses - it is assumed that thedata received and stored in the database is valid and trusted.

Identifying all keys by hashes, which are fixed for a given key, wouldbe a good first step to rectify this.


Brian May

[Prev in Thread]

Current Thread

[Next in Thread]

[Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Robert White, 2008/10/19
- Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/19
  - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Robert White, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Robert White, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/20
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Ethan Blanton, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Brian May, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Brian May <=
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Richard Levitte, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Robert White, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Brian May, 2008/10/19
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/20
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Brian May, 2008/10/20
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/21
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Richard Levitte, 2008/10/21
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/21
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Markus Wanner, 2008/10/21
    - Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL, Daniel Carrera, 2008/10/21

Prev by Date: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Next by Date: Re: [Monotone-devel] Re: Monotone Security
Previous by thread: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Next by thread: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Index(es):
- Date
- Thread