HEADS UP: FreeBSD src repo transitioning to git this weekend

[Poul-Henning Kamp]

--------
grarpamp writes:

> > No amount of cryptography can or will protect against that.
>
> Though it can help attribute that to a source,

No.

You would end up with the committer saying "it came in as a bug-report,
I looked at it, and it looked sensible so I committed it."

Unless you are going to *enforce* (how?!) that all committers only
commit patches they received under full cryptographic & biometric
custody from verified communications partners, it will always end
up being unattributable.

Even if you were able to pin the blame on a particular committer,
that person would simply cease to exist, because it was only a cover
identity to begin with.

> > As interesting as this thread has been (not!)
>
> Contrare.
> [...]
> Defense in depth.

... is a lot harder than most IT-people realize, because most
IT-people almost invariably ignore the entire human and political
aspect of the problem.

See also:  "Operation Orchestra" by yours truly.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.