Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
From: Daniel Carrera
Subject: Re: [Monotone-devel] WARNING: ~/.monotone/keys CONSIDERED HARMFUL
Date: Tue, 21 Oct 2008 16:11:30 +0200
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914)
Markus Wanner wrote:
> Daniel Carrera wrote:
>> My position is that the PGP web of trust provides identification
>> but not authorization and so it does not help Monotone.
>
> According to your own definition below, PGP only provides
> authentication, not identification.

Hmm... The PGP web of trust verifies that the key you are looking at
belongs to the guy called Daniel Carrera. That is identification and
authentication: 1) Who are you? 2) Prove it.

In any case, I hope that you got the general gist of my meaning. PGP
would not make it easier to figure out if Daniel should be allowed to
send patches to the server.

> To authorize someone to do something, you certainly need authentication.
> Otherwise, how do you know who you authorize to do something?

PGP tells you that a certain key really belongs to the guy called Daniel
Carrera. But honestly, do you care? What you really want to know is
whether the owner of his key (whoever he might be) is allowed into the
server. PGP doesn't provide that, and it doesn't make it easier.

PGP and Monotone can both verify that a patch is signed by a given key.
And with either system, you have to upload the key to the server to
authorize the owner.

As you can see, using PGP doesn't buy you anything. Sure, you could
replace Monotone keys with PGP keys. Keys are keys and either could be
uploaded to the server for authentication. But the PGP method
is more expensive and doesn't get you any features that you need that
Monotone keys don't already provide.

On the topic of "web of trust": PGP's web of trust is a method to verify
the identity of a key owner. Brian can verify that I am the owner of the
key xyz (because we met in person) and you trust Brian, so you also
trust that I am the owner of the key xyz. But this doesn't tell you
whether you should trust me to commit code. PGP's web of trust does not
include a field for "Daniel is a good coder". It only verifies my
identity. You want to share ACLs between servers. PGP would not give you
that. PGP's web of trust has nothing to do with ACLs. Projects that use
PGP (like Debian) still do access control "manually".

> Using GPG from monotone would allow authenticating someone by his GPG
> key instead of by his monotone key.

And what is the point of doing that?

> And GPG keys are much more widespread than monotone keys, which
> might be a reason to at least support GPG.

I don't see how the spread of GPG matters. You are not going to give
someone commit access or trust their keys because they already have GPG.
You have to assign access control "manually" one way or the other. The
one feature that PGP provides on top of Monotone is the one that you
don't care about.

> I'd state that PGP provides authentication - pretty independently of the
> name and email. As an example, I've just recently changed my name due to
> marriage, but the PGP key and my identity remained the same. I simply
> added my new name, now having "Markus Schiltknecht" and "Markus Wanner"
> as names for my identity.

That's identification. The ACL should not care whether your name is
Schiltknecht or Wanner. If you buy a bus ticket, your name is not on the
ticket but it still authorizes you to use the bus. And there is a
machine or a person inside the bus that authenticates the ticket
(verifies that it is valid). These are the things you want in Monotone.
You want to know whether key xyz is allowed to commit patches or not,
that is, whether it should be allowed into the server. For that purpose,
PGP doesn't appear to provide anything that Monotone's light-weight
alternative doesn't already provide.

> I absolutely agree with that from a technical point of view.

You do? Then what are we arguing about?

> But it
> requires people to create monotone keypairs, whereas by supporting GPG,
> they could use their existing GPG keypairs.

Ok. I think we have isolated the crux of the argument. We agree that
from a technical point of view GPG and Monotone keys both provide the
authentication needed (verify that a patch really belongs to a certain
key). You say that Monotone should use GPG because that way people can
reuse their existing GPG keys. Not because GPG has a feature that we
don't already have besides being popular.

Are we on the same wavelength?

Daniel.
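The distinction the message above turns on (authentication: the holder of this key produced these bytes; authorization: this key is on the write list; identification: the human name attached to the key, which the server never consults) can be made concrete in code. The following is an added example written for this page; it is not Monotone's netsync or permission-hook code, and it does not reproduce Monotone's or PGP's key formats. Ed25519, the `KeyID` fingerprint, the `Server` write list and the sample patch bytes are all assumptions of the example. It shows why a renamed key (Schiltknecht to Wanner) keeps its access, why a stranger's perfectly valid signature is still refused, and why a tampered patch fails before the ACL is even consulted.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Contributor holds a keypair. Names are attached to the key the way PGP
// user IDs are, purely for humans; nothing below keys access control on them.
type Contributor struct {
	Names []string
	Pub   ed25519.PublicKey
	priv  ed25519.PrivateKey
}

// NewContributor generates a fresh keypair labelled with a name.
func NewContributor(name string) (*Contributor, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Contributor{Names: []string{name}, Pub: pub, priv: priv}, nil
}

// AddName models a PGP-style identity update (e.g. a name change after
// marriage): the key, and therefore the key ID, does not change.
func (c *Contributor) AddName(name string) { c.Names = append(c.Names, name) }

// KeyID is the only thing the server's ACL is keyed on: a fingerprint of
// the public key material. The 16-hex-char truncation is an illustrative
// choice for this example, not any real tool's format.
func KeyID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:8])
}

// SignedPatch is what a contributor pushes: the patch bytes, the public
// key it was signed with, and the signature.
type SignedPatch struct {
	Pub  ed25519.PublicKey
	Body []byte
	Sig  []byte
}

// Sign produces a SignedPatch over body.
func (c *Contributor) Sign(body []byte) SignedPatch {
	return SignedPatch{Pub: c.Pub, Body: body, Sig: ed25519.Sign(c.priv, body)}
}

// Server keeps a write ACL: the set of key IDs allowed to commit.
type Server struct {
	writers map[string]bool
}

func NewServer() *Server { return &Server{writers: map[string]bool{}} }

// Grant adds a key to the write ACL. This is the "manual" step the thread
// says every project performs whatever the key format.
func (s *Server) Grant(pub ed25519.PublicKey) { s.writers[KeyID(pub)] = true }

// Accept decides whether to take a pushed patch. Step 1 is authentication
// (does the holder of this key vouch for these bytes?), step 2 is
// authorization (is this key on the write list?). No name is consulted.
func (s *Server) Accept(p SignedPatch) (bool, string) {
	// ed25519.Verify panics on a malformed key, so check the length first.
	if len(p.Pub) != ed25519.PublicKeySize || !ed25519.Verify(p.Pub, p.Body, p.Sig) {
		return false, "signature does not verify"
	}
	// The key travels with the patch, so an attacker can only substitute a
	// key they actually hold; that key must then still pass the ACL check.
	if !s.writers[KeyID(p.Pub)] {
		return false, "key " + KeyID(p.Pub) + " is not on the write list"
	}
	return true, "accepted"
}

func main() {
	markus, _ := NewContributor("Markus Schiltknecht")
	stranger, _ := NewContributor("Somebody Else")
	srv := NewServer()
	srv.Grant(markus.Pub) // the only place a human decision enters

	// Constructed sample patch; contents are irrelevant to the checks.
	patch := []byte("--- a/foo.c\n+++ b/foo.c\n@@ -1 +1 @@\n-old\n+new\n")
	fmt.Println(srv.Accept(markus.Sign(patch)))   // accepted
	markus.AddName("Markus Wanner")                // label changes, key does not
	fmt.Println(srv.Accept(markus.Sign(patch)))   // still accepted
	fmt.Println(srv.Accept(stranger.Sign(patch))) // authenticates, not authorized
	forged := markus.Sign(patch)
	forged.Body = []byte("+backdoor\n") // body no longer matches signature
	fmt.Println(srv.Accept(forged))     // fails authentication
}
```

Note that nothing in `Accept` reads `Names`: the bus-ticket analogy in the message is exactly this, the ticket (key) is checked for validity and then for entitlement, and the passenger's name never appears on it.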