[darcs-users] Data Integrity
Daniel Carrera
daniel.carrera at theingots.org
Thu Apr 9 14:36:14 UTC 2009
Nicolas Pouillard wrote:
> Although making a checksum when tagging is fairly easy and darcs should
> have an option to insert the hash in the tag description (or make it
> the default).
>
> I would guess that using the pristine hash for this purpose would be fine,
> in this case this is as simple as:
>
> darcs tag $(head -n 1 _darcs/hashed_inventory | cut -d: -f2)

That sounds good. And the 'tag' command could sign the hash. For
signatures, Darcs could either use GPG or perhaps better, the Haskell
Cryptographic Library: http://www.haskell.org/crypto/

You could store keys in ~/.darcs/keys so they are not attached to the
repository.

In fact, Darcs could sign all patches, so that tags are not "special". I
just took a look at the Darcs 2 format. It looks like it should be easy
to add an RSA signature. This is what a patch looks like:

[Issue #011: Write hello-world.
daniel.carrera at theingots.org**20090331192735]
hunk ./hello.php 1
+ <? echo "hello world\n"; ?>

There's no context information that I can see. Hence, I imagine that the
patch would look the same on someone else's computer. If that's correct,
you can just sign it.

So now, every time you pull a patch, Darcs would check the signature.
And for a tag, Darcs would also check that the hash in the tag matches
the current pristine tree hash. With these features, I think Darcs would
largely close the gap with the other more integrity-oriented SCMs.

Cheers,
Daniel.
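
The tag check proposed in this message, as an added shell example that is not part of the original post and is not Darcs code. It assumes the first line of _darcs/hashed_inventory has the form pristine:HASH, as the quoted command implies, and that the tag name is the hash itself; the function names and the sample repository are hypothetical and constructed. It compares recorded values only and does not recompute the hash of the pristine tree.

```shell
#!/bin/sh
# Added example: function names are hypothetical, sample data is constructed.

# pristine_hash REPO: print the hash recorded on the first line of
# REPO/_darcs/hashed_inventory (same extraction as the quoted command).
# Returns 2 if the file is unreadable or the line is not "pristine:HASH".
pristine_hash() {
    inv="$1/_darcs/hashed_inventory"
    [ -r "$inv" ] || return 2
    first=$(head -n 1 "$inv")
    case "$first" in
        pristine:?*) printf '%s\n' "$first" | cut -d: -f2 ;;
        *) return 2 ;;
    esac
}

# check_tag REPO TAG: 0 = tag equals the current pristine hash,
# 1 = mismatch (tree changed since tagging, or tag altered),
# 2 = no usable inventory, so nothing can be concluded.
check_tag() {
    current=$(pristine_hash "$1") || return 2
    [ "$current" = "$2" ] && return 0
    return 1
}

# make_demo_repo HASH: build a constructed repository skeleton in a
# temporary directory and print its path.
make_demo_repo() {
    repo=$(mktemp -d)
    mkdir -p "$repo/_darcs"
    {
        printf 'pristine:%s\n' "$1"
        printf '%s\n' '(constructed placeholder for the rest of the inventory)'
    } > "$repo/_darcs/hashed_inventory"
    printf '%s\n' "$repo"
}

# Demo on constructed data.
demo=$(make_demo_repo "0000000000-constructedhash")
check_tag "$demo" "0000000000-constructedhash" && echo "tag matches pristine hash"
check_tag "$demo" "some-other-hash" || echo "mismatch detected (status $?)"
rm -rf "$demo"
```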