[darcs-users] Re: signing of patches

Karel Gardas kgardas at objectsecurity.com
Tue Dec 7 19:13:11 UTC 2004


On Wed, 8 Dec 2004, Anthony Towns wrote:

> David Roundy wrote:
> > On Tue, Dec 07, 2004 at 03:25:12PM +1000, Anthony Towns wrote:
> >>The other option would seem to be to include some md5sums of the patches
>
> Or sha1 checksums, obviously. Silly habits.

[...]

> What about having "inventory.chk" files? If you try downloading it and
> it's not there, you've just got an unsigned/unchecksummed repository.

This looks like my proposal with a security-context file and its signature,
doesn't it? If so, I'm glad we are iterating to something which looks
doable...

> Or you could arrange things so that:
>
> 	1$ darcs record -m 'blah'
> 	2$ darcs record -m 'blat'
> 	3$ darcs tag -m 'version 42'
> 	4$ darcs sign-repository
>
> is entirely fine, and the fact that the repo doesn't have a signature
> until step 4 just means that "darcs pull --check-sigs" will fail.

Yes, that's also what I have in mind. If darcs keeps nice sha1 checksums
for patches and related files for checking the integrity of the repository,
then we don't need to sign for localhost usage, but just for push to an
untrusted domain.

Thanks,
Karel
--
Karel Gardas                  kgardas at objectsecurity.com
ObjectSecurity Ltd.           http://www.objectsecurity.com
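
Added example, not part of the original message or of darcs: a sketch of the `inventory.chk` idea discussed in this thread, telling apart a repository that has no checksum file from one whose patches fail their recorded checksums. The `patches/` layout, the line format, the function names and the use of SHA-256 in place of the sha1 mentioned above are assumptions; signing the manifest itself is left out.

```python
import hashlib
import os
import tempfile

CHK_NAME = "inventory.chk"   # file name from the thread; its line format here is assumed
PATCH_DIR = "patches"        # hypothetical layout, not darcs's real one

def digest(path):
    """Hex SHA-256 of a file (assumed substitute for the thread's sha1)."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def write_chk(repo):
    """Record '<hex>  <name>' per patch: the checksum half of 'sign-repository'."""
    pdir = os.path.join(repo, PATCH_DIR)
    with open(os.path.join(repo, CHK_NAME), "w") as f:
        for name in sorted(os.listdir(pdir)):
            f.write(f"{digest(os.path.join(pdir, name))}  {name}\n")

def check_repo(repo):
    """Return (state, failed_names); state is 'unchecked', 'ok' or 'mismatch'."""
    chk = os.path.join(repo, CHK_NAME)
    if not os.path.exists(chk):
        return "unchecked", []            # no manifest: unchecksummed repository
    expected = {}
    with open(chk) as f:
        for line in f.read().splitlines():
            hexd, name = line.split("  ", 1)
            expected[name] = hexd
    pdir = os.path.join(repo, PATCH_DIR)
    present = set(os.listdir(pdir))
    # A patch fails if it is unlisted, missing, or its content changed.
    bad = sorted(n for n in expected.keys() | present
                 if n not in expected or n not in present
                 or digest(os.path.join(pdir, n)) != expected[n])
    return ("mismatch" if bad else "ok"), bad

def demo():
    """Constructed repository: check before the manifest, after it, after tampering."""
    with tempfile.TemporaryDirectory() as repo:
        os.mkdir(os.path.join(repo, PATCH_DIR))
        for name, body in [("0001-blah.patch", b"blah\n"), ("0002-blat.patch", b"blat\n")]:
            with open(os.path.join(repo, PATCH_DIR, name), "wb") as f:
                f.write(body)
        states = [check_repo(repo)]
        write_chk(repo)
        states.append(check_repo(repo))
        with open(os.path.join(repo, PATCH_DIR, "0002-blat.patch"), "ab") as f:
            f.write(b"tampered\n")
        states.append(check_repo(repo))
        return states
```

A strict caller, in the spirit of the `--check-sigs` behaviour quoted above, would treat `unchecked` as a failure rather than a pass.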




