[Cryptech Core] git, again

Leif Johansson leifj at sunet.se
Tue Jan 14 09:27:45 UTC 2014


On 2014-01-13 10:47, Василий Долматов wrote:
>
>
> It that case you change security focus from repo distribution server to key distribution server, both being equally exposed to world, so measures to secure it from compromise are exactly the same, and probability of compromise is exactly the same.
>
> if you authenticated the user, then you can assign blame already.
no because an authenticated user can change history unless its signed.
> key for authentication and key for commit signing will be stored by the user with same procedures (100000 to 1 ;) ), so, commit signing does not fight with workstation compromise better than access control.
>
I can get SUNET to sponsor the project with yubikey neos that can run
the GPG applets.

Cheers Leif




More information about the Core mailing list