monotone-devel

Re: [Monotone-devel] Key identities...


From: Jack Lloyd
Subject: Re: [Monotone-devel] Key identities...
Date: Mon, 5 Nov 2007 03:46:13 -0500
User-agent: Mutt/1.5.11

On Mon, Nov 05, 2007 at 12:35:46AM -0800, Nathaniel Smith wrote:
> On Sun, Nov 04, 2007 at 07:13:08PM +0100, Richard Levitte wrote:
> > So, I'm wondering, is there any reason, except for the database
> > migration that will follow and the fact that *someone* will have to do
> > the job, that stops us from switching to identifying keys by
> > fingerprint rather than name, at least internally?
> 
> Define "identify"?
> 
> It is certainly a security problem to allow a user to end up with
> multiple keys that are indistinguishable in normal use, because they
> are always described the same way (by printing the key name).
> (Running 'ls keys' and squinting at the output does not count as
> distinguishable in normal use.)

What if keys were versioned, so multiple keys with id
'address@hidden' show up in displays as 'address@hidden<1>',
'address@hidden<2>', ...

I'm not sure exactly how you would want to order the keys. Ideally it
would be something meaningful and stable over time and across different
checkouts. Maybe by date of earliest (seen) trusted certificate? I'm
not sure how expensive any of this would be to do with the current
monotone schema.

-Jack



