zooko wrote: > Hello Max Battcher -- I'm sorry that I didn't see this letter that you > wrote to me on darcs-users on 2008-08-12.
Allow me to apologize in return for getting back to this slowly (crazy couple of weeks)... > On Aug 12, 2008, at 21:32 PM, Max Battcher wrote: > >> Just out of curiosity, does he know about context files? If so does he >> not find them sufficient? > > Yes he does. He uses them occasionally on the command-line, but > more-over he wrote darcs support in buildbot which uses context files in > places where other revision control tools use sequence numbers or secure > hashes. > > He is dissatisfied with them because they aren't short and because they > aren't secure. Well, I've argued before that short doesn't necessarily correspond with handy or useful. It can sometimes be easier to find and email a small file as it would to open a file or run a program, find an identifier amongst the information and then copy and paste it into an email... > I actually sort of disagree with him on that latter point, or more > nuancedly I suspect that the vaunted secure-hash-based integrity checks > in monotone, git, et al., which Brian wishes to have in his revision > control tool, are actually insufficient to provide the kind of security > that we need, but I won't explain more about that in this letter. My feeling as well, although perhaps I haven't spent as much time formalizing it. I think that for most things we might use version identifiers for we can rely on out-of-band security: ie, does it make sense for a developer or user to edit a context file to make up some version that doesn't exist when trying to interact with the project or pointing out a bug? If we actually need to insure a secure identifier, it's easy enough to sign a context file with a GPG key and test for that signature... I could see a potential shortcut in having darcs sign a context file (as it does patch bundles with darcs send --sign), but does darcs changes really need --sign or -o? Anyway, is a hashed context file much different from Darcs 2's hashed inventory files? I don't know if there is any use in exploring that relationship... My gut feeling is that it wouldn't be all that useful, but that could just be lack of imagination at the moment. Maybe you could ask Brian for specific usage scenarios where a shorter/securer identifier is nice/necessary/simpler? >> I still think that right now the best documentation on context files is >> my own blog post: > > By the way, way to go on adding more documentation to darcs! Please > keep up your practice of converting your blog posts into wiki or manual > pages. Thanks. I may not have much opportunity to do so this Fall, but we'll see. -- --Max Battcher-- http://www.worldmaker.net/ _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
