[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-devel] Re: key-management problem
|
From: |
Bruce Stephens |
|
Subject: |
[Monotone-devel] Re: key-management problem |
|
Date: |
Wed, 22 Jun 2005 22:00:16 +0100 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) |
Matt Johnston <address@hidden> writes:
[...]
> What do you mean by "dependent certs"? Certificates don't
> contribute to the intrinsic "identity" of a revision, so
> child revisions won't be affected if you change any certs
> of a parent. If you have revisions A -> B -> C, with A and C
> signed by Alice, and B signed by Bob, it would be fine for
> Alice to duplicate Bob's signatures on B, and optionally
> remove Bob's signatures on B.
You're right, I think I was confused---one of the changes that
happened with changesets is that the structure of the ancestry graph
is stable, and no longer depends on whose certs each person happens to
trust.
I guess partly that feels a bit uncomfortable, in that it's possible
to do this: to take a database and entirely replace all the certs,
signing them with whatever keys you want. On the other hand, on
reflection I'm not sure why that bothered me.
So should monotone include some facilities for replacing keys, should
someone ever lose their private key, or should someone want to change
their name? (It clearly does happen: I happened to just read the
message asking what to do after the author had lost their private
key.)
[...]