
Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch


From: Robert Collins
Subject: Re: [Gnu-arch-users] (volunteers?) crypto signatures for arch
Date: Mon, 08 Dec 2003 06:37:20 +1100

On Mon, 2003-12-08 at 06:13, Tom Lord wrote:

> 
> 3) Modify arch_pfs_connect to collect a passphrase
> 
>    It's a bit icky to keep the passphrase in tla's memory but I think
>    it's more reasonable in this case than the alternatives.
> 
>    In libarch/pfs.c(arch_pfs_connect), after connecting, look for
>    the "signed-archive" file.   If present, prompt the user for 
>    a passphrase and record it.

Are you sure about this? GPG goes to some lengths to ensure that in-memory
passphrases aren't swapped out, so as to prevent presence in cores etc.
There are passphrase daemons around that can provide passphrases
automatically (see q-agent).


> 7) treat the passphrase "copy" specially.

This feels wrong. 

I think a better way to indicate copying of signatures is via an
explicit parameter, not via a magic passphrase.

There is another thing to note: you haven't provided anywhere to declare
which gpg uid / key to sign with. It's not uncommon for folk to have
more than one signing identity.

Now, in a multi user archive, there may be different folk committing
with their own keys. So, an archive-specific metadata to select the
committing key won't support multiple committers. Therefore we can
either have some local metadata associated with the location, or we can
use a parameter to commit (and/or a field in the user edited log file).

I suggest --gpg-key=<string> to commit, and have no field name to
suggest at this point.

Rob



-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.

Attachment: signature.asc
Description: This is a digitally signed message part
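
The swap and core-dump concern raised in the reply above, as an added example that is not part of the original message and is not tla or GnuPG code. It assumes a POSIX system with `mlock`; `secret_buf`, `secret_alloc`, `secret_free` and `disable_core_dumps` are hypothetical names.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes MAP_ANONYMOUS on glibc */
#endif
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Hypothetical holder: data is page-aligned and locked, size is the mapping length. */
struct secret_buf { char *data; size_t size; };

/* Wipe through a volatile pointer so the compiler cannot elide the stores. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Set the core-file size limit to zero for this process; returns 0 on success. */
int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Map whole pages for a passphrase and pin them in RAM so they are never
 * written to swap. Returns 0 on success, -1 on failure (data is then NULL). */
int secret_alloc(struct secret_buf *s, size_t want)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    s->size = (want + page - 1) / page * page;
    s->data = mmap(NULL, s->size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (s->data == MAP_FAILED) { s->data = NULL; return -1; }
    if (mlock(s->data, s->size) != 0) {   /* can fail under RLIMIT_MEMLOCK */
        munmap(s->data, s->size);
        s->data = NULL;
        return -1;
    }
    return 0;
}

/* Zero the secret while the pages are still locked, then release them. */
void secret_free(struct secret_buf *s)
{
    if (!s->data) return;
    secure_wipe(s->data, s->size);
    munmap(s->data, s->size);             /* unmapping also drops the lock */
    s->data = NULL;
}
```

A caller that cannot lock memory should refuse to hold the passphrase rather than fall back to an ordinary heap buffer.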
