|
From: | Daniel Carrera |
Subject: | Re: [Monotone-devel] Monotone Security |
Date: | Thu, 16 Oct 2008 22:05:59 +0200 |
User-agent: | Thunderbird 2.0.0.17 (Macintosh/20080914) |
address@hidden wrote:
On Thu, Oct 16, 2008 at 05:28:13PM +0200, Daniel Carrera wrote:Slight modification: foreach (head) { if (head is signed with bad key) { 1. find the first ancestor revision of that head that is signed by a good key. 2. delete every descendant of that revision. } }GOOD1 / \ / \ bad GOOD2 Thus GOOD2 would be deleted.
How so? Unless GOOD2 is signed with the bad key, in which case there is no way to know that it is good other than having the legitimate owner of the bad key look at it.
Daniel.
[Prev in Thread] | Current Thread | [Next in Thread] |