[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] More authentication questions
|
From: |
Nathaniel Smith |
|
Subject: |
Re: [Monotone-devel] More authentication questions |
|
Date: |
Mon, 25 Apr 2005 20:18:07 -0700 |
|
User-agent: |
Mutt/1.5.9i |
On Mon, Apr 25, 2005 at 03:56:18PM -0700, K. Richard Pixley wrote:
> Nathaniel Smith wrote:
>
> >Once you have received information, there is a second question, of
> >whether you trust it or not. This is where finer-grained permissions
> >come in, and has nothing to do with netsync.
> >
> >
> Ok, so, um... what happens when a revision I trust arrives, but is
> derived from a revision I don't trust? What ends up in my repository?
Well, let's look at what happened here:
Alice wrote revision A.
Bob decided A was a suitable base for his work on revision B.
(Perhaps fixing up whatever problems he saw in A in the process.)
You get revisions A and B. You trust Bob's judgement, so your
monotone has been instructed to trust his revisions. So you
trust revision B to be good. Your monotone will happily update
to revision B, but not to revision A.
The actual rule is currently, "if there's a branch cert on a revision,
and we trust that branch cert, then we believe that revision is in
that branch." No reference is made to ancestry. The above little
anecdote is the justification.
Now, there's other sorts of things you also might want, like "trust
only revisions that have a continuous chain of 'this patch reviewed'
certs leading to them", since people alway review patches, not whole
trees. There are a few different approaches one could take to that;
ATM, monotone doesn't have any special support for any of them. It
might in the future; like the 'testresult' certs, we have some rough
ideas here, but we still have to play around with designs some.
-- Nathaniel
--
.i dei jitfa fanmo xatra