TODO: More bits about commit objects

author Colin Walters <walters@verbum.org>

Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)

committer Colin Walters <walters@verbum.org>

Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)
author Colin Walters <walters@verbum.org>
Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)
committer Colin Walters <walters@verbum.org>
Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)
diff --git a/TODO b/TODO

index e06be2f4bca1d5bc6f86440acea1be2b07e2db94..c071313bf9752f87deebf826807877611e08e121 100644 (file)
--- a/TODO
+++ b/TODO
@@ -6,6 +6,10 @@
      key-value store?
    - Optional non-object metadata; e.g., "detached" GPG signatures which
      are in the same file (to avoid double HTTP requests)
+  - Extended validation; SHA512+SHA256 checksum of all metadata along
+    with content object metadata (file size in particular) wouldn't take
+    too much extra time per commit, and would greatly strengthen resistance
+    to active hash collision attacks.
  
  * Hybrid SSL pull (fetch refs over SSL, content via plain HTTP)
  
@@ -15,11 +19,6 @@
      investigate something like http://www.sqlite.org/wal.html for having
      a shared file.
  
-* GPG signatures on commits, and more generally, extensible metadata
-  associatible with commits.  So for example, commit objects could
-  also contain secondary checksums of the *entire* content, which
-  would allow for stronger verification.
-
  * Indexed metadata pack objects for bare repositories at least;
    no reason to inflict thousands of little metadata files on
    each client.
author	Colin Walters <walters@verbum.org>
	Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)
committer	Colin Walters <walters@verbum.org>
	Wed, 24 Jul 2013 17:10:28 +0000 (13:10 -0400)