[Python-Dev] python-checkins
Martin Geisler
mg at lazybytes.net
Wed Jul 14 11:31:34 CEST 2010
Dirkjan Ochtman <dirkjan at ochtman.nl> writes:
> - http://bitbucket.org/mg/commitsigs is another extension, which takes
> a different tack to signing (I believe it doesn't sign the commit
> metadata, only the file tree, which lets it sign before the commit is
> finished, meaning it doesn't take up an extra cset).
It does signs the complete changeset hash including the commit message,
username, etc, and it does this without creating an extra changeset.
This is done by computing what the changeset hash would be without an
embedded signature. This hash is then signed and embedded in the
changeset. This is similar to how TCP checksums are computed.
This increases the size of each changeset by about 2 KB of data which
cannot be compressed -- this adds up over time and I would only advice
people to use the extension if they are very paranoid or have special
legal requirements.
--
Martin Geisler
Mercurial links: http://mercurial.ch/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-dev/attachments/20100714/d4d8f020/attachment.pgp>
More information about the Python-Dev
mailing list