Re: Linux Kernel Summit

On Tue, 3 Apr 2001, Greg Stein wrote:

> Guys... we already said that we're going to be adding MD5 hashes and having
> a "scan/verify" utility. In 1.0.

Count me as agreeing with Jason and Peter, for whatever that's worth. The
ability to trust the revision control system to be a completely reliable
data repository is really quite important, and it's with a (configurable)
performance hit to add extra sanity checking...

Here's my questions at the moment:

(1) Will the MD5 hashes be kept for EACH version that may be reconstructed,
    so that the reconstructed file can always be compared against a hash of
    the ORIGINAL data? (Hashes on deltas alone isn't good enough for an
    end-to-end integrity check.)

(2) Will that utility be able to scan/verify ALL reconstructable revisions
    and verify their MD5 hashes, or only the current revision?

(3) Will there be a configuration option (preferably configurable on a
    file, directory, project or archive basis) that will allow the MD5 hash
    validation (end-to-end) to be automatically performed on (configurably)
    (a) the current and previous revision, or (b) all revisions? (Which
    would be configured based on the importance of the data and/or the
    level of paranoia of the system administrator...)

(4) Will MD5 hashes be kept on the client side as well, so it can do checks
    end-to-end instead of having to completely trust the server to do it?

I guess that's all for now. :-)

Deven
Received on Sat Oct 21 14:36:28 2006