|
From: | Daniel Carrera |
Subject: | Re: [Monotone-devel] Monotone Security |
Date: | Wed, 15 Oct 2008 20:25:18 +0200 |
User-agent: | Thunderbird 2.0.0.17 (Macintosh/20080914) |
Peter Stirling wrote:
Presumably the issue is not when it's only one revision. If you are intent on malice then you could add 10,000,000 revisions, at whichpoint calling kill_rev_locally will be rather more effort, especially if the revisions are signed by a (compromised or otherwise) key which had some revisions that you don't want to delete.
Ok. So the encumberance attack becomes something more like a DOS attack. Could you not use selectors to delete everything more recent than a certain date that was signed by the compromised key?
Daniel.PS: For those who missed my first email, here's the link to the article I wrote:
http://daniel.carrera.name/Monotone_Security/
[Prev in Thread] | Current Thread | [Next in Thread] |