[Cryptography] MITM source patching [was Schneier got spooked]
Ray Dillinger
bear at sonic.net
Sun Sep 8 13:15:10 EDT 2013
On 09/08/2013 05:28 AM, Phillip Hallam-Baker wrote:
>every code update to the repository should be signed and
> recorded in an append only log and the log should be public and enable any
> party to audit the set of updates at any time.
>
> This would be 'Code Transparency'.
>
> Problem is we would need to modify GIT to implement.
Why is that a problem? GIT is open-source. I think even *I* might be
good enough to patch that.
Ray
More information about the cryptography
mailing list