Re: [Arx-users] Playing with sig command

[Kevin Smith]

On Sun, 2004-12-12 at 00:21 -0500, Walter Landry wrote:
> Kevin Smith <address@hidden> wrote:
> This is, partly, yet another manifestation of ArX being silent when
> you specify an incorrect branch.  Yet another reason to fix it
> (arx.2.1,153).

I'll be interested to see this fix. I just fixed the silent failure of
the "browse" command locally, and there didn't seem to be a general
place to fix it that would have affected other commands. I'll look at
what you did...

> > Of course, since quintuple agent is installed but not yet working on my
> > machine (for unknown reasons), I now have an invalid archive, where a
> > key is specified, but only a couple patches are signed. Not good.
> 
> Hmm. Invalid is a bit strong.  I can get those few revisions you
> signed, and it will verify those signatures.  In any case, you can't
> prevent this from happening, even with an agent, because you can press
> Ctrl-C in the middle.

True, but we can make it harder to create the case.

> > Also, you should be able to sign an entire archive, rather than just a
> > branch. That's what you want to do when you have an existing archive.
> 
> Ask, and you shall receive (arx.2.1,148).  This will also make the
> first two commands you typed

Sweet. Thanks. Makes the docs cleaner, too.

> > Ah. I guess it would be if a few patches were signed by a key that has
> > recently been deleted. Seems like it would be better to handle that as
> > part of the delete process, so things never become invalid. The act of
> > deleting a key could automatically sign the now-orphaned items with a
> > key you specify.
> 
> I think that will make things even more complicated.

Ok, but deleting a key from an archive should warn the user that any
corresponding patches need to be re-signed before they can be retrieved.
Hopefully sig --add for an archive will leave existing valid signatures
alone, but will sign anything that is unsigned OR was signed by someone
not listed in the archive. If not, that's going to be a lot of tedious
work on the part of the user. That's not high priority (since it's a
rare case), but is high value when needed.

Also, I would argue that deleting keys from archives, and deleting
signatures from items this should probably prompt "are you sure?" unless
--force is specified (Unless they are deleting a signature made by a key
that has already been removed from the archive). These operations are
almost never what the user would actually want to do, and are not easily
reversible.

> > If signing individual patches really is a necessary feature, it should
> > be shoved way in the back where normal folks won't get confused by it. 
> 
> I think this is a documentation issue.  Most people will never have to
> use the sig command.

Exactly.

Thanks for your quick work on these items. It's great to feel like I am
making worthwhile suggestions, and being heard. I'll take another pass
through the latest docs and online help later today.

Kevin