Which testament to choose?
John Arbash Meinel
john at arbash-meinel.com
Mon Nov 3 19:24:03 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
James Westby wrote:
> Hi,
>
> It's time for my weekly bzr API question.
>
> To allow us to audit branches for tampering I am storing a mapping of
> tags->revision-ids for each branch (the location of tags is critically
> important for the use we put them to).
>
> However, due to revision ids being arbitrary strings this does little
> to prevent attacks.
>
> I would therefore like to also store something that will give some
> assurances about the data. I would like something similar to storing
> the sha name that git would give to the revision.
>
> The obvious choice in the bzr world would be the testament, but I
> am confused by the different types of testament, and don't want
> to make the wrong choice.
>
> It seems like I should use a StrictTestament, but I am not sure which,
> and I am not sure why there is even a non-strict Testament.
>
> Also, will storing the short form be any worse than storing the full
> testament?
>
> Thanks,
>
> James
>
IIRC, the normal Testament verifies that the tree shape and contents are
valid (and it is what gets gpg-signed). StrictTestament also asserts the
"last-modified" values for files, and I think executable bit?
last-modified wasn't in the original testament because it wasn't
considered to be vital. Also, in the presence of ghosts, etc, it may change.
I would probably go with a normal Testament, except for if the
executable bit isn't included.
And short is just the sha1 hash of the long form, so it should be fine.
Unless you want to be able to *compare* to see what is different.
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkkPT9MACgkQJdeBCYSNAAMyNwCcCzTXQ31QsSw63sA2amSanU4c
nAEAn2SSMz9ccr9NBmZCu8KINOT2Et67
=LAre
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list