Date: Fri, 4 Oct 2019 18:22:15 +0100 From: Igor Mozolevsky <igor@hybrid-lab.co.uk> To: grarpamp <grarpamp@gmail.com> Cc: freebsd security <freebsd-security@freebsd.org>, Hackers freeBSD <freebsd-hackers@freebsd.org>, freebsd-questions@freebsd.org Subject: Re: Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based Message-ID: <CADWvR2hTvuKnjANQjt0QbXLbYTmjc1PuFW20qWVweyuXZsVo5g@mail.gmail.com> In-Reply-To: <CAD2Ti28X=VMM=oHzFWBJ8b73dT9T4Wi-5ytrBSKBcj4X3Wfn7Q@mail.gmail.com> References: <CAD2Ti2_p0Yq4VBGMnzxfJABaV94D4a0vsVMuAGgQn6Cm06p%2B_w@mail.gmail.com> <CAD2Ti28X=VMM=oHzFWBJ8b73dT9T4Wi-5ytrBSKBcj4X3Wfn7Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Sep 2019 at 22:01, grarpamp <grarpamp@gmail.com> wrote: > > For consideration... > > SVN really may not offer much in the way of native > internal self authenticating repo to cryptographic levels > of security against bitrot, transit corruption and repo ops, > external physical editing, have much signing options, etc. > Similar to blockchain and ZFS hash merkle-ization, > signing the repo init and later points tags commits, > along with full verification toolset, is useful function. <snip> Isn't UNIX(TM) philosophy that a program should do one thing and do it well? Just because people can't be bothered to learn to use multiple tools to do *multiple* tasks on the same dataset, is not a reason, let alone "the reason," to increase any program complexity to orders of N^M^K^L so that one "foo checkout" does all the things one wants! Incidentally, how does that saying go, if you think "crypto" is the solution to your problem, then ... (I'm slightly paraphrasing, of course). When crypto invalidates a repo, how would it be different from seeing non ASCII characters in plain ASCII files, or sudden refusal to compile---one way or another you'd still need to restore from BACKUP, hence crypto IS NOT a substitute for good data keeping practices. Also, what empirical data do you have for repo bitrot/transit corruption that is NOT caught by underlying media? -- Igor M.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADWvR2hTvuKnjANQjt0QbXLbYTmjc1PuFW20qWVweyuXZsVo5g>