From: Daniel Carrera
Subject: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Date: Mon, 20 Oct 2008 11:26:21 +0200
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914)

Ethan Blanton wrote:
> Monotone generally settles on security first; many users (myself included) consider this a good thing.

I second that. Security is one of the most interesting features of Monotone. It's what brought me to this list.

> A single, well-known key store is much easier to keep track of and secure than a variety of databases being shipped all over the network for various reasons. Yes, those keys are protected, but they're protected by a passphrase which is almost certainly not very good, cryptographically speaking.

Indeed. I don't know of any product with PK cryptography that distributes private keys all nilly willy.

> > It's a freaking land mine.
>
> That's interesting ... I found the in-database keys to be a "freaking land mine", and was quite pleased several years back when they were ditched in favor of a filesystem key store.

Monotone used to have private keys in the DB?!

Daniel.