bug-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [task #4633] GPG-Signed Commits

From: Mark D. Baushke
Subject: Re: [task #4633] GPG-Signed Commits
Date: Tue, 04 Oct 2005 11:06:17 -0700 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Derek Price <derek@ximbiot.com> writes:

> Derek Price wrote:
> 
> >sessions 1, 2, & 3 exiting.  Should be simple enough.  Not sure what
> >would happen with a really heavily loaded system.  Sylvain, can you give
> >us any statistics on Savannah?  Average number of concurrent users,
> >frequency of commits, frequency all users exit, etc.?
> >
> 
> Or the counter could just be stored in an unbounded char * buffer, with
> homegrown functions to handle the addition, and the counter would never
> need to be decremented.  That wouldn't be so hard, really.  Would be
> hard to DoS too - the number of operations required to increase the
> storage required by the counter would be related exponentially to its
> current size.
> 
> I'm still not sure I'd want to reuse this value as the commitid, since
> NOW + 8 RANDOM BYTES would still be less likely not to collide when
> merged into another repository.

Agreed.

> Hrm.  Perhaps the best solution would still be just to use the
> commitid?  If we ever find a system where both time() and /dev/urandom
> are broken, then we can worry about using a counter as described above
> as a fallback?

I would actually suggest that if time() is broken on the server, that
using gpg should just be disabled as it will never be possible to
validate a signature in that case.

        -- Mark

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDQsSZCg7APGsDnFERAijjAJsFqRoNE172Fls3NSvLoJ7ekRTk+ACghSW3
SP9JcKN2+iLNR6xz6lIA/0E=
=7WQY
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]