[146836] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Cryptography] MITM source patching [was Schneier got spooked]

daemon@ATHENA.MIT.EDU (Ray Dillinger)
Sun Sep 8 13:41:53 2013

X-Original-To: cryptography@metzdowd.com
Date: Sun, 08 Sep 2013 10:15:10 -0700
From: Ray Dillinger <bear@sonic.net>
To: cryptography@metzdowd.com
In-Reply-To: <CAMm+LwhmjKLdmME_5zQ7Zfggoww3ChJ=z95jEOdg-GZWzzBHYQ@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 09/08/2013 05:28 AM, Phillip Hallam-Baker wrote:

>every code update to the repository should be signed and
> recorded in an append only log and the log should be public and enable any
> party to audit the set of updates at any time.
>
> This would be 'Code Transparency'.
>
> Problem is we would need to modify GIT to implement.

Why is that a problem?  GIT is open-source.  I think even *I* might be
good enough to patch that.

					Ray


_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[146836] in cryptography@c2.net mail archive

Re: [Cryptography] MITM source patching [was Schneier got spooked]

daemon@ATHENA.MIT.EDU (Ray Dillinger)Sun Sep 8 13:41:53 2013

daemon@ATHENA.MIT.EDU (Ray Dillinger)
Sun Sep 8 13:41:53 2013