On Thu, 2006-11-30 at 11:32 -0500, [EMAIL PROTECTED] wrote:
> On Thu, Nov 30, 2006 at 12:24:27AM -0600, Timothy Brownawell wrote:
> > On Thu, 2006-11-30 at 17:06 +1100, Brian May wrote:
> > > >>>>> "Daniel" == Daniel Carosone <[EMAIL PROTECTED]> writes:
> > >
> > > Daniel> Again, it's not about permissions to change things, it's
> > > Daniel> about whether you trust (ie, how you pay attention to)
> > > Daniel> what they do.
> > >
> > > Daniel> In this context, this means that everyone accepts changes
> > > Daniel> in the junior branch from junior and senior developers,
> > > Daniel> and in the main branch only from the senior developers.
> > > Daniel> More specifically, that I only trust main-branch certs
> > > Daniel> signed by senior developers.
> > >
> > > Daniel> From time to time, a senior developer looks at revs in the
> > > Daniel> junior branch.
> > >
> > > What happens if a trusted developer's key becomes compromised
> > > (e.g. laptop stolen) or the developer becomes untrustworthy
> > > (e.g. fired)?
> > >
> > > Can you somehow say that old signatures are still valid, but new ones
> > > aren't?
> >
> > Define "new" (monotone has no concept of time).
>
> Except for a partial order of revisions after other revisions. You
> could still give a list of recent valid revisions and let the partial
> order fend a lot of older revisions whose certs would also be valid.

But certs can be added to revisions at any time. So even if a revision
is known to have been committed before the key was revoked, it's
entirely possible that some certs attached to it could have been added
after the key was revoked.

--
Timothy

Free (experimental) public monotone hosting: http://mtn-host.prjek.net
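
A toy model of the exchange above, added here as an illustration; it is not monotone code and not written by anyone in the thread. It compares the "list of recent valid revisions plus partial order" rule with a hypothetical stricter rule that accepts only cert ids recorded before the revocation; the revision graph, key names, cert ids and snapshot are all constructed assumptions.

```python
# Toy model, not monotone code: all names and data below are constructed.
from dataclasses import dataclass

# Revision graph as child -> parents (linear history r1 <- r2 <- r3 <- r4).
PARENTS = {"r1": [], "r2": ["r1"], "r3": ["r2"], "r4": ["r3"]}

@dataclass(frozen=True)
class Cert:
    cert_id: str   # stand-in for a hash of the cert contents
    revision: str
    name: str
    value: str
    signer: str

def ancestors_inclusive(rev):
    """Return rev plus everything reachable through parent edges."""
    seen, stack = set(), [rev]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(PARENTS[r])
    return seen

def trusted_by_partial_order(cert, revoked_key, last_good_revs):
    """Revoked key's certs stay valid on revisions at or before a listed one."""
    if cert.signer != revoked_key:
        return True
    return any(cert.revision in ancestors_inclusive(g) for g in last_good_revs)

def trusted_by_cert_snapshot(cert, revoked_key, known_cert_ids):
    """Hypothetical stricter rule: only certs recorded before revocation count."""
    return cert.signer != revoked_key or cert.cert_id in known_cert_ids

# r3 is the last revision known to predate the revocation of "senior@example".
REVOKED, LAST_GOOD = "senior@example", ["r3"]
CERTS = [
    Cert("c1", "r2", "branch", "project.junior", "junior@example"),
    Cert("c2", "r3", "branch", "project.main", "senior@example"),  # pre-revocation
    Cert("c3", "r2", "branch", "project.main", "senior@example"),  # added later
    Cert("c4", "r4", "branch", "project.main", "senior@example"),  # new revision
]
SNAPSHOT = {"c2"}  # revoked key's cert ids observed before revocation

def evaluate():
    """Map cert_id -> (partial-order verdict, snapshot verdict)."""
    return {c.cert_id: (trusted_by_partial_order(c, REVOKED, LAST_GOOD),
                        trusted_by_cert_snapshot(c, REVOKED, SNAPSHOT))
            for c in CERTS}

if __name__ == "__main__":
    for cid, verdicts in evaluate().items():
        print(cid, verdicts)
```

Cert c3 sits on an old revision, so the partial-order rule accepts it even though it was attached after the revocation; only the per-cert snapshot tells it apart from c2.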