-------- grarpamp writes: > > No amount of cryptography can or will protect against that. > > Though it can help attribute that to a source,
No. You would end up with the committer saying "it came in as a bug-report, I looked at it, and it looked sensible so I committed it." Unless you are going to *enforce* (how?!) that all committers only commit patches they received under full cryptographic & biometric custody from verified communications partners, it will always end up being unattributable. Even if you were able to pin the blame on a particular committer, that person would simply cease to exist, because it was only a cover identity to begin with. > > As interesting as this thread has been (not!) > > Contrare. > [...] > Defense in depth. ... is a lot harder than most IT-people realize, because most IT-people almost invariably ignore the entire human and political aspect of the problem. See also: "Operation Orchestra" by yours truly. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
