How to check an authenticity of a changeset?
Hans Meine
hans_meine at gmx.net
Thu Nov 13 09:49:33 UTC 2008
On Thursday 13 November 2008 09:58:47 you wrote:
> On Thu, 13 Nov 2008 08:32:01 +0100, Hans Meine <hans_meine at gmx.net> wrote:
> > No, you cannot do *anything you want*. If you use gpg-signed
> > changesets, you still cannot change a changeset in the repo to be
> > signed by someone else. So this approach is DVCS-safe.
>
> That's true...
>
> I'm a bit worried about the way we hook into PGP though. Keys can
> expire. They may be forcefully cancelled by their owner, and we get
> stuck with changesets *inside* the history of a repository that are
> slightly less useful. But that's another discussion :-)
Oh, true. Even if you still have the time of the changeset, that could also
be forged. One would need to be able to re-sign changesets ex post.
OTOH, doesn't mercurial indirectly allow that already? After all, every child
changeset will reference its hash, and the children will eventually be changed
with newer/other keys. The hash does include the GPG signature, does it?
I think I am not so bothered with this then, even if only the hash is re-
signed.
Greetings,
Hans
More information about the Mercurial
mailing list