[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
From: |
Robert Collins |
Subject: |
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch |
Date: |
Sun, 14 Dec 2003 08:12:02 +1100 |
On Sun, 2003-12-14 at 03:33, Tom Lord wrote:
> > From: Robert Collins <address@hidden>
> > Implements signing of:
> > imports
> > changesets
> > logs
>
> All files in the archive should be signed including =meta-info files,
\=meta-info I considered, and deliberately didn't sign. I couldn't see
any security sensitive info in them, that isn't trivially verifyable.
> CONTINUATION files,
are signed.
> .listing files,
deliberately not signed - see my reasoning, or asuffields. Signing these
is both pointless and bad.
> and archive-cached revisions.
are signed.
> That's the idea behind doing the signing in pfs_put_file and creating
> pfs_put_file_atomic.
Nice idea, but it breaks the layering wholesale.
Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
signature.asc
Description: This is a digitally signed message part
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch, (continued)
- Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch,
Robert Collins <=