[darcs-users] Data Integrity

Daniel Carrera daniel.carrera at theingots.org
Fri Apr 10 13:53:13 UTC 2009


Trent W. Buck wrote:
> I encourage anyone working on this to check out the prior art.  In
> particular, Debian has recently (in 3.1 or 4.0) added trust support to
> its package distribution facilities, such that packages can't be
> installed from untrusted repositories without a manual override.

The ~/.darcs/keys idea was inspired by Monotone. Most of what I've 
proposed is inspired by Monotone, with proper modifications to fit the 
Darcs model.

> I'm not sure that a single keychain would be adequate granularity for
> me.  For example, I want to trust Eric's work in my Darcs branches, but
> I don't want to accidentally trust him in my government project branches.

Good point.

We could have a file like _darcs/authorized_keys, inspired by SSH. It 
could even have the same format as the one from SSH. This file would not 
be copied when you do a push, pull, etc. It's a local configuration.


>> In fact, Darcs could sign all patches, so that tags are not
>> "special".
> 
> Some people do not have GPG keys.  I do not think Darcs should force
> newbies to create keys before they can submit patches, so I think there
> needs to be a way to have unsigned patches, and to add a signature later
> on.

While I agree with not requiring people to have GPG, I'm not sure about 
not requiring people to have *some* sort of key. Whenever you do start a 
project you have to do a 'darcs init' anyways, and you have to supply a 
user name anyways. Why not ask for a password and generate the key at 
the same time you are initializing the directory?


> You've been talking about "integrity", which to my mind is a separate
> issue from having trust infrastructure.  Are we talking about one or the
> other, or both?

They are related though. I want to know that your patch has not been 
altered either by accident or through malicious action. That's mostly 
integrity, but it touches on trust ("only accept patches signed by one 
of these keys").

Daniel.


More information about the darcs-users mailing list