From: Jonathan Nieder <jrnieder@gmail.com>
To: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Cc: Alex Vandiver <alexmv@dropbox.com>,
git@vger.kernel.org, git@jeffhostetler.com,
jonathantanmy@google.com, bmwill@google.com, stolee@gmail.com,
sbeller@google.com, peff@peff.net, johannes.schindelin@gmx.de,
Michael Haggerty <mhagger@alum.mit.edu>
Subject: Per-object encryption (Re: Git Merge contributor summit notes)
Date: Mon, 26 Mar 2018 13:54:01 -0700 [thread overview]
Message-ID: <20180326205349.GA21735@aiede.svl.corp.google.com> (raw)
In-Reply-To: <874ll3yd75.fsf@evledraar.gmail.com>
Hi Ævar,
Ævar Arnfjörð Bjarmason wrote:
> It occurred to me recently that once we have such a layer it could be
> (ab)used with some relatively minor changes to do any arbitrary
> local-to-remote object content translation, unless I've missed something
> (but I just re-read hash-function-transition.txt now...).
>
> E.g. having a SHA-1 (or NewHash) local repo, but interfacing with a
> remote server so that you upload a GPG encrypted version of all your
> blobs, and have your trees reference those blobs.
Interesting!
To be clear, this would only work with deterministic encryption.
Normal GPG encryption would not have the round-tripping properties
required by the design.
If I understand correctly, it also requires both sides of the
connection to have access to the encryption key. Otherwise they
cannot perform ordinary operations like revision walks. So I'm not
seeing a huge advantage over ordinary transport-layer encryption.
That said, it's an interesting idea --- thanks for that. I'm changing
the subject line since otherwise there's no way I'll find this again. :)
Jonathan
next prev parent reply other threads:[~2018-03-26 20:54 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-10 0:06 Git Merge contributor summit notes Alex Vandiver
2018-03-10 13:01 ` Ævar Arnfjörð Bjarmason
2018-03-11 0:02 ` Junio C Hamano
2018-03-12 23:40 ` Jeff King
2018-03-13 0:49 ` Brandon Williams
2018-03-12 23:33 ` Jeff King
2018-03-25 22:58 ` Ævar Arnfjörð Bjarmason
2018-03-26 17:33 ` Jeff Hostetler
2018-03-26 17:56 ` Stefan Beller
2018-03-26 18:54 ` Jeff Hostetler
2018-03-26 18:05 ` Brandon Williams
2018-04-07 20:37 ` Jakub Narebski
2018-03-26 21:00 ` Including object type and size in object id (Re: Git Merge contributor summit notes) Jonathan Nieder
2018-03-26 21:42 ` Jeff Hostetler
2018-03-26 22:40 ` Junio C Hamano
2018-03-26 20:54 ` Jonathan Nieder [this message]
2018-03-26 21:22 ` Per-object encryption " Ævar Arnfjörð Bjarmason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180326205349.GA21735@aiede.svl.corp.google.com \
--to=jrnieder@gmail.com \
--cc=alexmv@dropbox.com \
--cc=avarab@gmail.com \
--cc=bmwill@google.com \
--cc=git@jeffhostetler.com \
--cc=git@vger.kernel.org \
--cc=johannes.schindelin@gmx.de \
--cc=jonathantanmy@google.com \
--cc=mhagger@alum.mit.edu \
--cc=peff@peff.net \
--cc=sbeller@google.com \
--cc=stolee@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).