Feature request: More crypto please!
Daniel Holth
dholth at fastmail.fm
Fri Feb 2 09:15:35 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Marc Bevand wrote:
> Daniel Holth <dholth <at> fastmail.fm> writes:
>> Feature Request:
>>
>> Each user has a digital signing certificate associated with their name
>> and e-mail address.
>
> See the gpg extension:
> http://www.selenic.com/mercurial/wiki/index.cgi/GpgExtension
>
> -marc
That is completely different. The GPG extension cannot sign a revision
until it already exists. I want all revisions to be signed all the
time. I don't want to accept two commits for every revision: committed
revision, signed revision.
For the proposed feature I'm not sure it makes sense to account for
the signature in the unalterable history and sha1 hash of a changeset.
What if I revoke my key later on if it should become compromised? What
if multiple people want to sign the same changeset? Is it really a
different changeset if it has zero, two, three, or ten signatures?
The proposed feature should be thought of as an impossible to forge
Signed-off-by: line. I would expect every committer to sign every
commit they produce, unless perhaps they specifically wanted the
commit to be blocked by a signature count / verify script.
The digital signature should probably be interpreted as a weaker
endorsement of the code than a Signed-off-by: line or a GPG signature.
It just means "I created this commit" (even if it was because I was
re-writing 5,000 revisions because I like revisionist history or mq).
- - Daniel Holth
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFwwE3Vh4W2pVfoMsRAq7DAKDo71LO8+yRUD8ml+kFlv11NRYpTACg0hhg
99c3X+pTIvvqAYR7NTuYAOw=
=pXAF
-----END PGP SIGNATURE-----
More information about the Mercurial
mailing list