Re: [Monotone-devel] Re: ~/.monotone/keys , privkey packets

[Ethan Blanton]

Timothy Brownawell spake unto us the following wisdom:
> > If you look in commands.cc, you will see that the privkey command
> > writes both the private and public key to the file.  You can even just
> > try the 'monotone privkey' command and look at the output (it's
> > ASCII).
> 
> Yes, but they're still seperate packets. Which kinda complicates things
> if the storage doesn't accept a privkey without its pubkey.
> 
> > tbrownaw> ...Of course, the only time the pubkey needs to be retrieved
> > tbrownaw> from the key store is when we sign something, and as msh
> > 
> > Incorrect.  You use the *private* key to sign things, and the other's
> > public key to *verify* a signature.  This means that we need to be
> > able to extract the public key to publish it, one way or another.
> 
> ...and really, anyone who's been given they private key should be able
> to do that. Not just whoever generated it. So back to the keypair
> packets idea unless we want to (maybe) need a password for 'mtn pubkey',
> I guess...

You could also handle this opportunistically ... if only the private
key is available, ask for the passphrase to generate the public key.
However, if both the private and public keys are available, use the
available public key.  If you have to generate the public key once,
store it to ~/.monotone/keys/.

This is somewhat suboptimal from a complexity viewpoint, but given
that the privkey packet doesn't contain the pubkey...

Ethan

-- 
The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
                -- Cesare Beccaria, "On Crimes and Punishments", 1764

pgp7cSC9EvBcU.pgp
Description: PGP signature