monotone-devel


From: Thomas Keller
Subject: Re: [Monotone-devel] Merging branch to allow duplicate key names, have certs use key hash
Date: Fri, 14 Aug 2009 11:32:06 +0200
User-agent: Thunderbird 2.0.0.22 (Macintosh/20090605)

Timothy Brownawell wrote:
> I think branch net.venge.monotone.keys-by-hash is ready now.
> 
> The central change is that certs contain a key hash instead of a key
> name, to get rid of the problem with key collisions.
> 
> Since this explicitly allows for duplicate key names, hooks that operate
> on keys get a table containing "id" (the key hash), "name" (a local
> name, given by another hook), and "given_name" (the name given when
> creating the key).

What exactly is the local name? Something like a "local alias" for a
unique key?

> 'automate certs' prints the key hash where it printed the key name
> before, and 'automate keys' lists both local and given names instead of
> only one name.

I've checked 'automate certs' output and saw that only for new revisions
the key hash is outputted

      key [1aaecf3a7c227e5545b0504aea5d3716d3128117]
signature "ok"
     name "author"
    value "address@hidden"
    trust "trusted"

while for old revisions key still points to the plain key name

      key "address@hidden"
signature "ok"
     name "author"
    value "Timothy Brownawell  <address@hidden>"
    trust "trusted"

Do you think it's a good idea to mix both output types together? I'd have
thought it would be better to do something like this:

      key "address@hidden"
     hash [1aaecf3a7c227e5545b0504aea5d3716d3128117]
signature "ok"
     name "author"
    value "address@hidden"
    trust "trusted"

      key "address@hidden"
     hash []
signature "ok"
     name "author"
    value "Timothy Brownawell  <address@hidden>"
    trust "trusted"

where [] stands for "not uniquely resolvable", i.e. this is a legacy
cert. This way the impact for automate implementors is minimal, because
the automate certs format gets only slightly extended.

I'll play around a bit more with your branch - looks cool so far.

Thomas.


-- 
GPG-Key 0x160D1092 | address@hidden | http://thomaskeller.biz
Please note that according to the EU law on data retention, information
on every electronic information exchange might be retained for a period
of six months or longer: http://www.vorratsdatenspeicherung.de/?lang=en

Attachment: signature.asc
Description: OpenPGP digital signature
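
As an added example (not part of the original message and not monotone's own code), the Python below parses the stanza shapes quoted in this message, both the branch's mixed output and the proposed separate hash line, and reports whether each cert identifies its signer by key hash or only by a key name. The names `parse_certs` and `signer` and the trimmed sample input are assumptions made for illustration.

```python
import re

# One basic_io token: a symbol, a "quoted string" (backslash escapes) or a [hex id].
TOKEN = re.compile(r'\s*(?:(?P<sym>[a-z_]+)|"(?P<str>(?:[^"\\]|\\.)*)"|\[(?P<hex>[0-9a-f]*)\])', re.S)

def parse_certs(text):
    """Parse 'automate certs' style stanzas; each stanza starts at a 'key' line."""
    certs, pos, sym, text = [], 0, None, text.rstrip()
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if not m:
            raise ValueError(f"unparseable input at offset {pos}")
        pos = m.end()
        if m.group("sym") is not None:
            sym = m.group("sym")
            if sym == "key":
                certs.append({})
        elif sym is None or not certs:
            raise ValueError("value without a preceding symbol")
        elif m.group("hex") is not None:
            certs[-1][sym], sym = ("hash", m.group("hex")), None
        else:
            certs[-1][sym], sym = ("string", re.sub(r"\\(.)", r"\1", m.group("str"))), None
    return certs

def signer(cert):
    """Return ('hash', id) for a hash-bound cert, ('legacy', name) for a name-only one."""
    kind, value = cert["key"]
    if kind == "hash":                       # branch output for new certs
        return ("hash", value)
    if cert.get("hash", ("hash", ""))[1]:    # proposed separate, non-empty hash line
        return ("hash", cert["hash"][1])
    return ("legacy", value)                 # key name only, or proposed hash []

# Constructed input: the stanza shapes quoted in the message, trimmed to two fields each.
SAMPLE = '''
      key [1aaecf3a7c227e5545b0504aea5d3716d3128117]
signature "ok"

      key "address@hidden"
signature "ok"

      key "address@hidden"
     hash [1aaecf3a7c227e5545b0504aea5d3716d3128117]

      key "address@hidden"
     hash []
'''

print([signer(c) for c in parse_certs(SAMPLE)])
```

A consumer that keys trust decisions on the `('legacy', name)` result is still exposed to duplicate key names, which is the case the empty `hash []` in the proposal makes explicit.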

