Re: [Monotone-devel] Monotone Security
From: Daniel Carrera
Subject: Re: [Monotone-devel] Monotone Security
Date: Thu, 16 Oct 2008 00:09:01 +0200
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914)

Timothy Brownawell wrote:
>> MTN: WARNING! Unrecognized key in the server:
>> MTN:
>> MTN: address@hidden bc552a65085e0e55472b91a2c169af76ce7b1a62
>
> Sure, but that only gets triggered when someone using that hook does a
> checkout / update that wants to use a revision signed by the bad key. It
> would mostly work, but wouldn't be foolproof.

Ok. Well, nothing will ever be foolproof, but if it works most of the
time that's already pretty good. Especially since, usually, the moment
*one* developer notices he can post to the mailing list and say "does
anyone know who this address@hidden is? Is he a new developer?". And
then everyone notices.

> Sure, but *everyone* has to do that, and all at the same time. If
> someone forgets, the bad revision comes right back.

Oh, I didn't think of that. It would be easier if Monotone also had the
other feature we said above: Have the server ignore commits from a key
that it doesn't know about. When you discover the encumbered material,
you db_kill it and remove the offending key from the database. So the
next time a developer syncs he doesn't put the bad revision back in.

> So the safe way is
> to have one person make the change and set the branch epoch (a cookie
> that tells netsync to abort if the two sides don't match), and then
> everyone else pulls a fresh db from that person. Then if someone with
> the bad revision tries to sync they'll get an error message saying the
> epoch doesn't match, and maybe they should look into why.

Understood. The problem is fixable, but it is a hassle. And the bigger
the team, the bigger the hassle.

Thanks for the corrections.

Daniel.
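
A toy model of the cleanup problem discussed in this message, as an added example that is not part of the original mail and is not Monotone code. It assumes a database is a set of revision ids and sync is a set union; the class names, function names and epoch values are constructed for illustration.

```python
class EpochMismatch(Exception):
    """Raised when two peers disagree on the branch epoch."""

class Db:
    def __init__(self, name, revisions, epoch="epoch-1"):  # constructed values
        self.name, self.revisions, self.epoch = name, set(revisions), epoch

    def kill(self, rev):
        """Local removal only (the thread's db_kill); peers keep their copy."""
        self.revisions.discard(rev)

    def clone_from(self, other):
        """Pull a fresh database from another peer, epoch included."""
        self.revisions, self.epoch = set(other.revisions), other.epoch

def sync(a, b):
    """Two-way exchange; abort before transferring if the epochs differ."""
    if a.epoch != b.epoch:
        raise EpochMismatch(f"{a.name} <-> {b.name}: epoch does not match")
    merged = a.revisions | b.revisions
    a.revisions, b.revisions = set(merged), set(merged)

def make_team():
    revs = {"r1", "r2", "BAD"}  # "BAD" stands for the encumbered revision
    return Db("server", revs), Db("alice", revs), Db("bob", revs)

def cleanup_without_epoch():
    server, alice, bob = make_team()
    server.kill("BAD")
    alice.kill("BAD")          # bob forgets to clean his database
    sync(bob, server)          # ...and the bad revision comes right back
    return "BAD" in server.revisions

def cleanup_with_epoch():
    server, alice, bob = make_team()
    server.kill("BAD")
    server.epoch = "epoch-2"   # one person makes the change and sets the epoch
    alice.clone_from(server)   # everyone else pulls a fresh db
    sync(alice, server)        # matching epochs: sync proceeds
    try:
        sync(bob, server)      # stale db: mismatch, nothing is transferred
        blocked = False
    except EpochMismatch:
        blocked = True
    return blocked, "BAD" in server.revisions

if __name__ == "__main__":
    print("without epoch, BAD returns to server:", cleanup_without_epoch())
    print("with epoch (blocked, BAD on server):", cleanup_with_epoch())
```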