[darcs-devel] [Haskell-cafe] Re: announcing darcs 2.0.0pre3

David Roundy daveroundy at gmail.com
Thu Jan 24 13:32:41 EST 2008


On Jan 23, 2008 5:47 PM, zooko <zooko at zooko.com> wrote:
> > In principle it is good to provide a cryptographically secure hash, as
> > this allows users to sign their repositories by signing a single file,
> > which seems like it's potentially quite a useful feature.
>
> Can you be more specific about this -- who can "sign" a repository?
> How is such a signature checked?  What guarantee can you rely on if
> the check passes?

All data in the hashed format is hashed.  Darcs doesn't implement any
checking of signatures, but you could (relatively) easily do so by
hand.  Just sign _darcs/hashed_inventory, and if the signature is
valid and the repository is consistent (which darcs automatically
checks for any portion of the repository that it accesses), then the
repository hasn't been tampered with (since it was signed, anyhow).

As far as what the guarantee is, all contents of the repository
(except _darcs/prefs/ and of course the working directory) are
accessed by hashes stored in that one file.

David


More information about the Haskell-Cafe mailing list