[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn-auth + md5 + PKI / GPG

From: Jani Averbach <jaa_at_cc.jyu.fi>
Date: 2003-01-16 06:51:16 CET

On Thu, 16 Jan 2003, Benjamin Pflugmann wrote:

> On Wed 2003-01-15 at 04:17:10 +0200, Jani Averbach wrote:
> >
> > With this arrangement authenticity of repository will be known at any
> > given moment. And every checkout will be checked against those keys. (This
> > is of course optional.)
>
> Sorry, if I am ignorant, but for the client to verify the check-ins,
> the client would have to retrieve all changes seperately, which is not
> the case for subversion.

Here is how I think it would work:

rev #1

You create new file, and commit it with signature. This signature
have to be done in some canonize format (LF ending, and so on) of file, I
have wild gues, that repo's internal format is just fine.

checkout of rev #1

You just check out the file and verify it's signature.

rev #2

You have a local mod to file, and you commit it. The signature will be
generated against "the result what will be the content of repo's versio",
and it will be stored to repository.

checkout #2

You check out diff, and signature of what the text base will look like
after patching.

> If you request an update which involves 1000 revisions, the server
> constructs an "patch" containing exactly these and only send this,
> which can save a lot of traffic.
>

Yes but I am interested only about the result. And the server stores
signature for every current full text what it has. So server has allways
signature for every past fulltexts what it has had, and delta diff to
construct those full texts. So authority of every past text base should be
validateable. Or am I missing something?

> I guess your suggestion works better with a purely changeset based
> version control.
>

Well, I read those OpenCM papers, and I am a little bit confused if this
add any value against client certificate + SSL connection. At least one
would be that client could validate integrity of wc without encrypted
connection to the server.

Note: I can not respond to this thread or any other email about a week,
because I will made a trip to USA.

BTW: If somebody of subversion's developers are around 2003-01-18 16:45 at
international airport of Denver CO, or during the next week at Boulder CO,
I will offer to you a beer or soft drink. =)

BR, Jani

--
Jani Averbach
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jan 16 06:52:03 2003

This is an archived mail posted to the Subversion Dev mailing list.