[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Re: darcs vs tla
|
From: |
Jan Hudec |
|
Subject: |
Re: [Gnu-arch-users] Re: darcs vs tla |
|
Date: |
Tue, 16 Nov 2004 20:44:22 +0100 |
|
User-agent: |
Mutt/1.5.6+20040907i |
On Mon, Nov 15, 2004 at 22:31:09 +0100, Karel Gardas wrote:
> On Mon, 15 Nov 2004, Dustin Sallings wrote:
>
> >
> > On Nov 15, 2004, at 3:45, Karel Gardas wrote:
> >
> > > Darcs' cons:
> > >
> > > - darcs does not support patch signing (showstopper for me)
> >
> > That's not *exactly* true. darcs does support having signed patches
> > on send when using the following flags:
>
> You are right! I've completely omited this since in comparison with tla's
> support it looks quite weak. i.e. tla support signing/verification for
> every transport AFAIK, at least I'm using sftp/http and
> signing/verification works well for them. So I should rather rewrite my
> original statement to:
>
> - darcs does not support patch signing/verification except simple
> email-based transport method (showstopper for me)
Arch does not support signing/verification for transport -- it supports
it for STORAGE. That's the key point. The signatures are stored and can
be validated at any point in future. Eg. after a security accident.
> > While the signature isn't recorded in the patch itself or your working
> > tree (although the patch name includes the sha1), it can be validated
> > if you keep the source of the patch (i.e. an email archive if you're
> > using email for transport).
>
> Yes, I will probably need to go to darcs mailing list to find out why
> signatures are not part of patch and why it does not verify automatically
> when they are presented (while using apply command), i.e. currently it is
> quite easy to apply unverified patches just by mistake IMHO.
>
> Anyway thanks for the hint!
>
> Karel
> --
> Karel Gardas address@hidden
> ObjectSecurity Ltd. http://www.objectsecurity.com
>
>
>
>
> _______________________________________________
> Gnu-arch-users mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/gnu-arch-users
>
> GNU arch home page:
> http://savannah.gnu.org/projects/gnu-arch/
>
-------------------------------------------------------------------------------
Jan 'Bulb' Hudec
<address@hidden>
signature.asc
Description: Digital signature
- Re: [Gnu-arch-users] Re: darcs vs tla, lode . leroy, 2004/11/15
- Re: [Gnu-arch-users] Re: darcs vs tla, Karel Gardas, 2004/11/15
- Re: [Gnu-arch-users] Re: darcs vs tla, Dustin Sallings, 2004/11/15
- Re: [Gnu-arch-users] Re: darcs vs tla, Karel Gardas, 2004/11/15
- Re: [Gnu-arch-users] Re: darcs vs tla,
Jan Hudec <=
- Re: [Gnu-arch-users] Re: darcs vs tla, Karel Gardas, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Jan Hudec, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Karel Gardas, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Alexey N. Solofnenko, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Charles Duffy, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Alexey N. Solofnenko, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Karel Gardas, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Andrew Suffield, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Alexey N. Solofnenko, 2004/11/16
- Re: [Gnu-arch-users] Re: darcs vs tla, Talli Somekh, 2004/11/16