From: Jonathan Nieder <jrnieder@gmail.com>
To: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Cc: Alex Vandiver <alexmv@dropbox.com>,
	git@vger.kernel.org, git@jeffhostetler.com,
	jonathantanmy@google.com, bmwill@google.com, stolee@gmail.com,
	sbeller@google.com, peff@peff.net, johannes.schindelin@gmx.de,
	Michael Haggerty <mhagger@alum.mit.edu>
Subject: Per-object encryption (Re: Git Merge contributor summit notes)
Date: Mon, 26 Mar 2018 13:54:01 -0700
Message-ID: <20180326205349.GA21735@aiede.svl.corp.google.com>
In-Reply-To: <874ll3yd75.fsf@evledraar.gmail.com>

Hi Ævar,

Ævar Arnfjörð Bjarmason wrote:

> It occurred to me recently that once we have such a layer it could be
> (ab)used with some relatively minor changes to do any arbitrary
> local-to-remote object content translation, unless I've missed something
> (but I just re-read hash-function-transition.txt now...).
>
> E.g. having a SHA-1 (or NewHash) local repo, but interfacing with a
> remote server so that you upload a GPG encrypted version of all your
> blobs, and have your trees reference those blobs.

Interesting!

To be clear, this would only work with deterministic encryption.
Normal GPG encryption would not have the round-tripping properties
required by the design.

If I understand correctly, it also requires both sides of the
connection to have access to the encryption key.  Otherwise they
cannot perform ordinary operations like revision walks.  So I'm not
seeing a huge advantage over ordinary transport-layer encryption.

That said, it's an interesting idea --- thanks for that.  I'm changing
the subject line since otherwise there's no way I'll find this again. :)

Jonathan
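
The determinism requirement raised in the message above, as an added example (not part of this thread and not Git's code): a translation layer needs a stable remote object name for each local blob, and randomized encryption gives a new ciphertext, hence a new name, on every run. The cipher is a toy SIV-style construction built from HMAC-SHA256 purely for illustration; it is not GPG and not a vetted scheme, and all function names, the key and the sample blob are constructed.

```python
import hashlib, hmac, os

def git_blob_id(data: bytes) -> str:
    # Git names a blob by SHA-1 over the header "blob <size>\0" plus content.
    return hashlib.sha1(b"blob %d\0" % len(data) + data).hexdigest()

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Toy stream cipher: HMAC-SHA256 in counter mode (illustration only).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(data: bytes, key: bytes, iv: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, iv, len(data))))

def encrypt_randomized(key: bytes, plaintext: bytes) -> bytes:
    # Fresh random IV per call, as ordinary public-key or GPG-style encryption does.
    iv = os.urandom(16)
    return iv + _xor(plaintext, key, iv)

def encrypt_deterministic(key: bytes, plaintext: bytes) -> bytes:
    # Synthetic IV: a keyed PRF of the plaintext, so equal input gives equal output.
    iv_key = hmac.new(key, b"synthetic-iv", hashlib.sha256).digest()
    iv = hmac.new(iv_key, plaintext, hashlib.sha256).digest()[:16]
    return iv + _xor(plaintext, key, iv)

def decrypt(key: bytes, blob: bytes) -> bytes:
    # Both variants store the 16-byte IV in front of the ciphertext.
    return _xor(blob[16:], key, blob[:16])

def remote_ids(encrypt_fn, key: bytes, plaintext: bytes, pushes: int = 3) -> set:
    # Object ids the remote would see if the same local blob were translated
    # `pushes` times (for example by different clones of the same repository).
    return {git_blob_id(encrypt_fn(key, plaintext)) for _ in range(pushes)}

KEY = bytes(range(32))                      # constructed sample key
BLOB = b"int main(void) { return 0; }\n"    # constructed sample blob

if __name__ == "__main__":
    print("local id        :", git_blob_id(BLOB))
    print("randomized ids  :", len(remote_ids(encrypt_randomized, KEY, BLOB)))
    print("deterministic id:", len(remote_ids(encrypt_deterministic, KEY, BLOB)))
```

Both variants decrypt correctly; only the deterministic one maps a given local blob to a single remote name. The cost is that deterministic encryption reveals when two encrypted blobs have identical content.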

Thread overview: 17+ messages
2018-03-10  0:06 Git Merge contributor summit notes Alex Vandiver
2018-03-10 13:01 ` Ævar Arnfjörð Bjarmason
2018-03-11  0:02   ` Junio C Hamano
2018-03-12 23:40   ` Jeff King
2018-03-13  0:49     ` Brandon Williams
2018-03-12 23:33 ` Jeff King
2018-03-25 22:58 ` Ævar Arnfjörð Bjarmason
2018-03-26 17:33   ` Jeff Hostetler
2018-03-26 17:56     ` Stefan Beller
2018-03-26 18:54       ` Jeff Hostetler
2018-03-26 18:05     ` Brandon Williams
2018-04-07 20:37       ` Jakub Narebski
2018-03-26 21:00     ` Including object type and size in object id (Re: Git Merge contributor summit notes) Jonathan Nieder
2018-03-26 21:42       ` Jeff Hostetler
2018-03-26 22:40       ` Junio C Hamano
2018-03-26 20:54   ` Jonathan Nieder [this message]
2018-03-26 21:22     ` Per-object encryption " Ævar Arnfjörð Bjarmason
