Re: Cryptographic hash computations for a revision range on the repository side

From: Thierry Moreau <thierry.moreau_at_connotech.com>
Date: Tue, 21 Jan 2014 07:11:28 -0500

<quote>
And what's the difference to your proposed solution?
</quote>

Basically, the differences are that a) one has to control paper sheet(s)
instead of a private signature key data value and computing environment,
and b) this control is about integrity only, no need for long-term
private signature key secrecy protection.

But I agree that the attractiveness of the procedure is debatable. IT
security is seldom devoid of impediments.

Either way my questions remain: which files are involved in a digital
signature of a revision range? Also which subversion legitimate
operations (e.g. move repository from Linux to Windows) would invalidate
the digital signatures?

(not being a subscriber to the list, a CC to me would be appreciated)

Thanks

-- 
- Thierry Moreau
thierry.moreau_at_connotech.com

Received on 2014-01-21 13:12:34 CET

This message: [ Message body ]
Next message: Ræstad Atle Eivind: "Disjoint working copy"
Previous message: Thorsten Schöning: "Re: Cryptographic hash computations for a revision range on the repository side"
Maybe in reply to: Thierry Moreau: "Cryptographic hash computations for a revision range on the repository side"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]