On Apr 5, 2010, at 3:16 PM, Gé Weijers wrote:

>
>
> On Mon, 5 Apr 2010, David Bainbridge wrote:
>
>> So this comment by Gé grabbed my attention:
>>> I work in a heavily regulated industry, and legal concerns have been
>>> keeping us from implementing any and all DVCSes until now.
>>>
>>
>> I wonder what has changed? Is it a greater understanding of some of
>> the issues discussed in the mail?
>
> The biggest issue is that you cannot be 100% sure who committed code  
> when you can trivially commit pretending to be anyone and move code  
> by merging with 'unofficial' repositories. The person pushing a  
> change to the central repository is not necessarily the person who  
> made the change, and that affects auditability and forensic  
> analysis. That's an issue in an industry where being a dishonest  
> insider can potentially make you wealthy.


Hence, Fossil has from the beginning supported the ability to PGP sign  
check-ins.  The PGP signature is optional.  If a check-in is signed,  
you know exactly who originally made that check-in.  In situations  
where it matters, simply assume that an unsigned check-in is malicious  
and avoid using it.

Fossil could be enhanced, I suppose, to give a clear visual  
indication to those check-ins that are signed by trusted individuals,  
and those which are not.  Or, it might give a warning prior to doing a  
new check-in or merge against an unsigned check-in.  Things like  
that.  It would not be hard to add these features as the underlying  
file format supports them.  It is just that the need hasn't come up yet.

D. Richard Hipp
d...@hwaci.com

_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
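
An added example, not part of the original message and not Fossil's own code: a sketch of the policy described above, rejecting unsigned check-ins and also rejecting signed ones whose self-declared `U` (user) card does not match the owner of the signing key. The `verify` hook, the key-to-login map, and the sample manifest are assumptions constructed for illustration; in practice `verify` would wrap something like `gpg --verify` against a keyring of trusted committers.

```python
import re

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"

# Constructed sample check-in manifest (placeholder checksum, not a real artifact).
MANIFEST = ("C demo\nD 2010-04-05T19:16:00.000\nU alice\n"
            "Z 00000000000000000000000000000000\n")
SIGNED = (BEGIN_MSG + "\nHash: SHA1\n\n" + MANIFEST + BEGIN_SIG +
          "\n\n(constructed placeholder)\n-----END PGP SIGNATURE-----\n")

def split_clearsigned(artifact):
    """Return (manifest_text, has_signature_envelope)."""
    lines = artifact.splitlines()
    if (not lines or lines[0] != BEGIN_MSG
            or BEGIN_SIG not in lines or "" not in lines):
        return artifact, False
    start = lines.index("") + 1        # armor headers end at the first blank line
    end = lines.index(BEGIN_SIG)
    # Undo OpenPGP dash-escaping ("- " prefix on lines that began with "-").
    body = [l[2:] if l.startswith("- ") else l for l in lines[start:end]]
    return "\n".join(body) + "\n", True

def declared_user(manifest):
    """The U card is only the name the check-in claims for itself."""
    m = re.search(r"^U (\S+)$", manifest, re.M)
    return m.group(1) if m else None

def audit_checkin(artifact, verify, key_owner):
    """verify(artifact) -> key fingerprint or None (hypothetical hook);
    key_owner maps trusted fingerprints to logins (assumed to exist)."""
    manifest, signed = split_clearsigned(artifact)
    user = declared_user(manifest)
    if not signed:
        return ("reject", f"unsigned check-in claiming user {user!r}")
    fpr = verify(artifact)             # the envelope alone proves nothing
    if fpr is None or fpr not in key_owner:
        return ("reject", "signature invalid or key not trusted")
    if key_owner[fpr] != user:
        return ("reject",
                f"signed by {key_owner[fpr]!r} but U card says {user!r}")
    return ("accept", f"signed by {user!r}")
```

The third check is the one that addresses the concern quoted above: a valid signature from some trusted key is not enough if the check-in names a different committer.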