I wouldn't expect outright successful attacks like forged replacements for arbitrary files. I would expect someone to have on hand a small number of blobs that are different but have different hashes and, eventually, to drop said files into a blob-based infrastructure to wreak havoc. So: a way to locally mark a given checksum as "controversial" seems prudent, to me (hence, support for such in my blob-db code/spec). -t - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.htmlReceived on Sat Apr 30 05:52:52 2005
This archive was generated by hypermail 2.1.8 : 2005-04-30 05:52:52 EST