[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Cryptographic hash computations for a revision range on the repository side

From: Thierry Moreau <thierry.moreau_at_connotech.com>
Date: Tue, 21 Jan 2014 07:11:28 -0500

And what's the difference to your proposed solution?

Basically, the differences are that a) one has to control paper sheet(s)
instead of a private signature key data value and computing environment,
and b) this control is about integrity only, no need for long-term
private signature key secrecy protection.

But I agree that the attractiveness of the procedure is debatable. IT
security is seldom devoid of impediments.

Either way my questions remain: which files are involved in a digital
signature of a revision range? Also which subversion legitimate
operations (e.g. move repository from Linux to Windows) would invalidate
the digital signatures?

(not being a subscriber to the list, a CC to me would be appreciated)


- Thierry Moreau
Received on 2014-01-21 13:12:34 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.