Theodore Tso wrote:
>On Thu, Sep 11, 2008 at 09:55:16PM +0200, Stephen R. van den Berg wrote:
>> > Having it versionned also
>> >means that older git versions will be able to carry that information
>> >even if they won't make any use of it, and that also solves the
>> >cryptographic issue since that data is part of the top commit SHA1.
>> It would allow the data to be faked, that is undesirable for "git blame".
>Why would this matter? The information is largely
>self-authenticating. If a commit claims to have come from some other
Attack-wise, you're right, it's not a big deal.
I think the comforting feeling one gets about the hashes protecting
integrity is what matters more for me here.
--
Sincerely,
Stephen R. van den Berg.
"Father's Day: Nine months before Mother's Day."
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
