From: | Brian May |
Subject: | Re: [Monotone-devel] Re: Monotone Security |
Date: | Mon, 20 Oct 2008 13:36:02 +1100 |
User-agent: | Thunderbird 2.0.0.17 (X11/20080925) |
William Uther wrote:
> Now let's imagine that Bob merges all heads in his database, but without fully checking Charlie's change. At this point, Bob signs the newly merged revision.

This is where you need a distributed system for sending trust data (as discussed here as "policy branches"), so if Alice doesn't trust Charlie, Bob won't trust Charlie either.
Also, if Bob signs a merge, then he is essentially saying he trusts both versions, IMHO (although maybe this is questionable because the UI makes merges without reviewing the changes so easy). Then it shouldn't matter if Alice sees the merge result.
Brian May