1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <hozer@grid.coop>) id 1XLFMj-0002Od-3i
for bitcoin-development@lists.sourceforge.net;
Sat, 23 Aug 2014 17:44:37 +0000
X-ACL-Warn:
Received: from nl.grid.coop ([50.7.166.116])
by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1XLFMU-0002lZ-1j for bitcoin-development@lists.sourceforge.net;
Sat, 23 Aug 2014 17:44:37 +0000
Received: from localhost (localhost [127.0.0.1]) (uid 1000)
by nl.grid.coop with local; Sat, 23 Aug 2014 12:44:14 -0500
id 000000000006E26C.0000000053F8D2EE.00005766
Date: Sat, 23 Aug 2014 12:44:14 -0500
From: Troy Benjegerdes <hozer@hozed.org>
To: Peter Todd <pete@petertodd.org>
Message-ID: <20140823174414.GT22640@nl.grid.coop>
References: <CAJHLa0NXAYh9HzazN6gArUV8y7J8_G0oqkZqPBgibpW0wRNxKQ@mail.gmail.com>
<2302927.fMx0I5lQth@1337h4x0r>
<20140823061701.GQ22640@nl.grid.coop>
<20140823143215.GA18452@savin.petertodd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
In-Reply-To: <20140823143215.GA18452@savin.petertodd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Spam-Score: -0.7 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-0.7 RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
X-Headers-End: 1XLFMU-0002lZ-1j
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Reconsidering github
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 23 Aug 2014 17:44:37 -0000
On Sat, Aug 23, 2014 at 10:32:15AM -0400, Peter Todd wrote:
> On Sat, Aug 23, 2014 at 01:17:01AM -0500, Troy Benjegerdes wrote:
> > This is why I clone git to mercurial, which is generally designed around the
> > assumption that history is immutable. You can't rewrite blockchain history,
> > and we should not be re-writing (rebasing) commit history either.
>
> Git commits serve two purposes: recording public history and
> communication. While for the purpose of recording history immutable
> commits make sense, for the purpose of communicating to other developers
> what changes should be added to that history you *do* want the mutable
> commits that git's rebase functionality supports. Much like how
> university math classes essentially never teach calculus in the order it
> was developed, it is rare indeed for the way you happened to develop
> some functionality to be the best sequence of changes for other
> developers to understand why and what is being changed.
>
> Anyway, just because mercurial is designed around the assumption that
> commit history is immutable doesn't mean it actually is; an attacker can
> fake a series of mercurial commits just as easily as they can git
> commits. The only thing that protects against history rewriting is
> signed commits and timestamps.
What I would really like is a frontend and/or integration to Git/Mercurial that
uses Bitcoin transactions *as* the signature, which has the nice side effect of
providing timestamps backed by the full faith and credit of a billion dollar
blockchain. So what is the best way for me to stick both a git *and* a
mercurial identity hash into a bitcoin transaction? (which leads to point 2
below)
>
> > The problem with github is it's too tempting to look at the *web page*, which
> > is NOT pgp-signed, and hit the 'approve' button when you might have someone
> > in the middle approving an unsigned changeset because you're in a hurry to
> > get the latest new critical OpenSSL 0day security patch build released.
> >
> > We need multiple redundant 'master' repositories run by different people in
> > different jurisdictions that get updated on different schedules, and have all
> > of these people pay attention to operational security, and not just outsource
> > it all to github because it's convenient.
>
> The easiest and most useful way to achieve that would be to have a
> formal program of code review, perhaps on a per-release basis, that
> reviewed the diffs between the previous release and the new one. Master
> repos in this scenario are simply copies of the "master master" repo
> that someone has manually verified and signed-off on, with of course a
> PGP signature.
>
> If you feel like volunteering to maintain one of these repos, you may
> find my Litecoin v0.8.3.7 audit report to be a useful template:
>
> https://bitcointalk.org/index.php?topic=265582.0
I'm not interested in volunteer, I'm interested in getting paid, and the
best way I believe I can accomplish that is use *my* bitcoin address in a
signature-transaction of the code I've reviewed.
What is the advantage of PGP? Far more people have ECDSA public-private
keys than PGP keys.
--
----------------------------------------------------------------------------
Troy Benjegerdes 'da hozer' hozer@hozed.org
7 elements earth::water::air::fire::mind::spirit::soul grid.coop
Never pick a fight with someone who buys ink by the barrel,
nor try buy a hacker who makes money by the megahash
|