[Cryptech Core] git, again

Randy Bush randy at psg.com
Mon Jan 13 09:35:50 UTC 2014

Previous message (by thread): [Cryptech Core] git, again
Next message (by thread): [Cryptech Core] git, again
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Seems that you are talking about procedure, when every downloader
> checks the signature under every commit, right?

this is my feeble understanding

the sha-1 gives a pretty strong guarantee of data integrity.  the
signatures give you auditability so you can assign blame.  if you
verify them on input no need to verify on output as sha-1 covers.

randy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: not available
URL: <https://lists.cryptech.is/archives/core/attachments/20140113/87d6a559/attachment.sig>

Previous message (by thread): [Cryptech Core] git, again
Next message (by thread): [Cryptech Core] git, again
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Core mailing list