[darcs-users] Data Integrity

Daniel Carrera daniel.carrera at theingots.org
Sun Apr 12 22:06:08 UTC 2009


Dan Pascu wrote:
> I may be wrong on this, but I'm under the impression that this can be done 
> (if it's not already), as with the hashed format, the hash name used for  
> patches and files is already correlated with the contents, so a simple 
> integrity check is possible (if not already done as I said).

I'd like to know exactly how it is correlated, but it could easily be 
useless. For example, if darcs hashes whatever file it got from the 
remote repo and uses that, that'll tell you nothing about whether the 
file is correct.


> IMO, whatever you have in mind is too heavy for a user that doesn't care 
> or doesn't need to verify identities by means of digital signatures.
> This is why I must reiterate my point, that while I think this can be a 
> useful addition, I do not want to see it enforced on each and every 
> repository by default. It must be a user choice whether to use it or not.

Ok. User choice is fine, as long as there is a configuration option that 
makes signing/checking the default. This is necessary for some applications.

Btw, the actual signing should not be very heavy. True, RSA is slow, but 
you are only applying RSA on a 40-character string. Computing the hash 
is fast too because SHA1 is fast. The really slow part is going to be 
commuting patches in order to find the minimal context for the patch.

Daniel.
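
Added example (not part of the original message and not darcs code): a Python sketch of the distinction raised above between naming a file by hashing whatever the remote sent and checking the received bytes against a hash name obtained beforehand. The `Remote` class, the dict-based local store and the sample patch bytes are constructed for illustration and are not darcs's actual on-disk format.

```python
import hashlib

def sha1_name(data: bytes) -> str:
    """Content-derived name: 40 hex characters, as in the message above."""
    return hashlib.sha1(data).hexdigest()

class Remote:
    """Constructed stand-in for a remote repo: maps hash names to bytes."""
    def __init__(self, objects):
        self.objects = dict(objects)

    def get(self, name: str) -> bytes:
        return self.objects[name]

def fetch_self_hashed(remote, name, local):
    """Weak: name the file by hashing whatever arrived, so it always 'matches'."""
    data = remote.get(name)
    stored_as = sha1_name(data)
    local[stored_as] = data
    return stored_as

def fetch_checked(remote, name, local):
    """Stronger: the name we asked for is the reference the bytes must match."""
    data = remote.get(name)
    if sha1_name(data) != name:
        raise ValueError(f"hash mismatch for {name}")
    local[name] = data
    return name

def demo():
    patch = b"hunk ./README 1\n+hello\n"  # constructed sample content
    name = sha1_name(patch)
    honest = Remote({name: patch})
    tampered = Remote({name: patch + b"+extra line\n"})  # same name, altered bytes

    results, local = {}, {}
    results["weak_on_tampered"] = fetch_self_hashed(tampered, name, local)
    # The weak store is internally consistent even though the content is wrong.
    results["weak_store_consistent"] = all(sha1_name(v) == k for k, v in local.items())
    try:
        fetch_checked(tampered, name, {})
        results["checked_on_tampered"] = "accepted"
    except ValueError:
        results["checked_on_tampered"] = "rejected"
    results["checked_on_honest"] = fetch_checked(honest, name, {}) == name
    return name, results
```

The checked fetch is only as trustworthy as the source of `name`: if the name itself comes from the same remote, it needs to be authenticated separately, which is the role a signature over the 40-character hash would play.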

