[darcs-users] Data Integrity

Dan Pascu dan at ag-projects.com
Sun Apr 12 19:14:31 UTC 2009


On Friday 10 April 2009, Daniel Carrera wrote:
> > Some people do not have GPG keys.  I do not think Darcs should force
> > newbies to create keys before they can submit patches, so I think
> > there needs to be a way to have unsigned patches, and to add a
> > signature later on.
>
> While I agree with not requiring people to have GPG, I'm not sure about
> not requiring people to have *some* sort of key. Whenever you do start
> a project you have to do a 'darcs init' anyways, and you have to supply
> a user name anyways. Why not ask for a password and generate the key at
> the same time you are initializing the directory?

Because I may not be paranoid and do not need to sign my patches. Because 
I do not need the aggravation of dealing with something I have no use for 
and that slows down every operation involving patch manipulation, as it has 
to either generate or validate a digital signature. Because it's a choice 
of the user if he needs/wants such a thing and it should not be forced on 
him because someone else thinks it's a must.

> > You've been talking about "integrity", which to my mind is a separate
> > issue from having trust infrastructure.  Are we talking about one or
> > the other, or both?
>
> They are related though. I want to know that your patch has not been
> altered either by accident or through malicious action. That's mostly
> integrity, but it touches on trust ("only accept patches signed by one
> of these keys").

If integrity is all that matters, a simple digest algorithm like md5/sha 
would be enough to validate if a patch was not altered. GPG is not 
necessary unless you also want to do authentication.

-- 
Dan
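
Added example, not part of the original message and not darcs code: a sketch of the integrity/authentication distinction discussed in this thread, comparing an unkeyed SHA-256 digest with a keyed check. HMAC with a shared key stands in for a GPG signature here (an assumption made so the example runs with the standard library only), and the patch text and key are constructed samples.

```python
import hashlib
import hmac

# Constructed sample patch text; not a real darcs patch.
PATCH = b"[fix off-by-one in parser\nhunk ./src/Parse.hs 42\n-  n + 1\n+  n\n"

def digest(patch: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone holding the patch can compute it."""
    return hashlib.sha256(patch).hexdigest()

def check_digest(patch: bytes, expected: str) -> bool:
    return hmac.compare_digest(digest(patch), expected)

def tag(patch: bytes, key: bytes) -> str:
    """Keyed HMAC-SHA-256 tag, standing in for a signature (assumption:
    sender and receiver share `key`; GPG would use a key pair instead)."""
    return hmac.new(key, patch, hashlib.sha256).hexdigest()

def check_tag(patch: bytes, key: bytes, expected: str) -> bool:
    return hmac.compare_digest(tag(patch, key), expected)

def demo() -> dict:
    key = b"constructed-demo-key"
    published_digest = digest(PATCH)
    published_tag = tag(PATCH, key)

    # Case 1: accidental corruption in transit (one bit flipped).
    corrupted = bytearray(PATCH)
    corrupted[10] ^= 0x01
    corrupted = bytes(corrupted)

    # Case 2: the patch and the digest shipped with it are both replaced.
    # Recomputing a digest needs no secret, so the pair is self-consistent.
    replaced = PATCH.replace(b"+  n\n", b"+  n + 2\n")
    replaced_digest = digest(replaced)
    # Without the key, a third party can only reuse the old tag.
    return {
        "digest_catches_corruption": not check_digest(corrupted, published_digest),
        "tag_catches_corruption": not check_tag(corrupted, key, published_tag),
        "replaced_pair_passes_digest": check_digest(replaced, replaced_digest),
        "replaced_patch_fails_tag": not check_tag(replaced, key, published_tag),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The digest check only says something about who produced a patch when the expected digest is obtained over a channel the receiver already trusts.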

