Voting foo as PQM policy? [was: attn folk doing reviews.]
Jan Hudec
bulb at ucw.cz
Wed Jan 25 08:54:06 GMT 2006
On Wed, Jan 25, 2006 at 03:36:48 -0500, James Blackwell wrote:
> On Wed, Jan 25, 2006 at 05:38:56PM +1100, Robert Collins wrote:
> > On Wed, 2006-01-25 at 01:29 -0500, James Blackwell wrote:
> >
> > > > What about latency? Branches age - and signatures would [presumably] be
> > > > only on the revid that PQM found on the branch, to stop bait-and-switch
> > > > problems. So, would the review cycle be fast enough to address this ?.
> > > > Also, if changes are needed, do previous votes still apply? (and how is
> > > > this represented given the bait-and-switch issues that relate to this)
> > >
> > > I'd imagine that pqm would do a branch --basis upon the request. This
> > > would also protect against people giving URLS for which there is no
> > > branch.
> >
> > At the cost of allowing a DOS on local storage.
>
> I'd prefer risking a DOS over bait-and-switch. One is a fail-safely and
> the other is a non-detected failure. Anyways, onto the issue that concerns
> you more.
Perhaps it would be enough to request a testament signature and then
verify the testament both when showing the diff and when applying.
Perhaps the branch should be cached (for faster access), but then
discarded if there is not enough room and verified by testament when
re-fetching.
--
Jan 'Bulb' Hudec <bulb at ucw.cz>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060125/38045e4c/attachment.pgp
More information about the bazaar
mailing list