[darcs-users] Data Integrity
Max Battcher
me at worldmaker.net
Fri Apr 10 21:36:11 UTC 2009
Trent W. Buck wrote:
> Darcs can certainly sign patches, though unfortunately this is only
> supported during transmission layer, *not* in the repository itself.
> This is done with darcs send --sign.
>
> Also note that (AFAIK) this only supports GPG signing, and not the
> centralized stuff (ca-thingy? I don't really know).
Darcs also supports OpenSSL signing (you can use an SSH key both for
darcs send and ssh) with --sign-ssl (and --verify-ssl on the darcs apply
side). OpenSSL certainly handles Certificate Authority stuff and you
should be able to use OpenSSL tools to verify key's trust metrics,
including CA chain. (Certainly I'm assuming that darcs will not do that
itself, instead deferring to the keyring provided to --verify-ssl to
already be trustful.)
--
--Max Battcher--
http://worldmaker.net
More information about the darcs-users
mailing list