| 1 |
On Mon, Jun 4, 2012 at 4:18 PM, Rich Freeman <rich0@g.o> wrote: |
| 2 |
> How do you KNOW that the nearest signed descendant actually merged it? |
| 3 |
> |
| 4 |
> How do you know it wasn't added by a hacker? |
| 5 |
|
| 6 |
Because then the signature for the nearest signed descendant wouldn't |
| 7 |
check out (unless it got hacked before he signed it, of course, but in |
| 8 |
that case hopefully he wouldn't sign it...). |
| 9 |
|
| 10 |
> Also, when walking the tree keep in mind that there isn't just one |
| 11 |
> path in it (with merge commits), and the links are from any particular |
| 12 |
> HEAD going back. I'm not convinced that this is impossible, but it |
| 13 |
> isn't as trivial as it might seem at first glance. |
| 14 |
|
| 15 |
Well, this only means there might potentially be multiple nearest |
| 16 |
signed descendants, but I don't think that's a problem. Feel free to |
| 17 |
shoot holes in it, but I think this checks out. |
| 18 |
|
| 19 |
Of course, we'd have to make sure the tip of whatever is pushed is |
| 20 |
always signed, but the hook for that should be trivial. |
| 21 |
|
| 22 |
Cheers, |
| 23 |
|
| 24 |
Dirkjan |
Archives