/usr/share/doc/monotone/html/Certificates.html is in monotone-doc 1.1-9.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ -->
<head>
<title>monotone documentation: Certificates</title>
<meta name="description" content="monotone documentation: Certificates">
<meta name="keywords" content="monotone documentation: Certificates">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="index.html#Top" rel="start" title="Top">
<link href="General-Index.html#General-Index" rel="index" title="General Index">
<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Concepts.html#Concepts" rel="up" title="Concepts">
<link href="Storage-and-workflow.html#Storage-and-workflow" rel="next" title="Storage and workflow">
<link href="Historical-records.html#Historical-records" rel="prev" title="Historical records">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.indentedblock {margin-right: 0em}
blockquote.smallindentedblock {margin-right: 0em; font-size: smaller}
blockquote.smallquotation {font-size: smaller}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
div.smalldisplay {margin-left: 3.2em}
div.smallexample {margin-left: 3.2em}
div.smalllisp {margin-left: 3.2em}
kbd {font-style: oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
pre.smalldisplay {font-family: inherit; font-size: smaller}
pre.smallexample {font-size: smaller}
pre.smallformat {font-family: inherit; font-size: smaller}
pre.smalllisp {font-size: smaller}
span.nolinebreak {white-space: nowrap}
span.roman {font-family: initial; font-weight: normal}
span.sansserif {font-family: sans-serif; font-weight: normal}
ul.no-bullet {list-style: none}
-->
</style>
<link rel="stylesheet" type="text/css" href="texinfo.css">
</head>
<body lang="en">
<a name="Certificates"></a>
<div class="header">
<p>
Next: <a href="Storage-and-workflow.html#Storage-and-workflow" accesskey="n" rel="next">Storage and workflow</a>, Previous: <a href="Historical-records.html#Historical-records" accesskey="p" rel="prev">Historical records</a>, Up: <a href="Concepts.html#Concepts" accesskey="u" rel="up">Concepts</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="General-Index.html#General-Index" title="Index" rel="index">Index</a>]</p>
</div>
<hr>
<a name="Certificates-1"></a>
<h3 class="section">1.4 Certificates</h3>
<p>Often, you will wish to make a <i>statement</i> about a revision, such as
stating the reason that you made some changes, or stating the time at
which you made the changes, or stating that the revision passes a test
suite. Statements such as these can be thought of, generally, as a
bundle of information with three parts:
</p>
<ul>
<li> an <i>ID</i>, indicating which revision you are making a statement about
</li><li> a <i>name</i> indicating the type of statement you are making, such as
“changelog”, “date” or “testresult”
</li><li> a <i>value</i> indicating the remaining detail of the statement, such as
“fixed a bug”, “March 9th” or “1”
</li></ul>
<p>For example, if you want to say that a particular revision was
composed on April 4, 2003, you might make a statement like this:
</p>
<img src="figures/statement.png" alt="figures/statement">
<p>In an ideal world, these are all the parts of a statement we would
need in order to go about our work. In the real world, however, there
are sometimes malicious people who would make false or misleading
statements; so we need a way to verify that a particular person made a
particular statement about a revision. We therefore will add two more
pieces of information to our bundle:
</p>
<ul>
<li> a <i>key</i> which identifies the person making a statement
</li><li> a <i>signature</i> — just a large number with particular properties —
certifying the fact that the person made the statement
</li></ul>
<p>When these 2 items accompany a statement, we call the total bundle of
5 items a <em>certificate</em>, or <i>cert</i>. A cert makes a statement in
a secure fashion. The security of the signature in a cert is derived
from the <small>RSA</small> cryptography system, the details of which are beyond
the scope of this document.
</p>
<img src="figures/cert.png" alt="figures/cert">
<p>Monotone uses certs extensively. Any “extra” information which needs
to be stored, transmitted or retrieved — above and beyond files,
manifests, and revisions — is kept in the form of certs. This
includes change logs, time and date records, branch membership,
authorship, test results, and more. When monotone makes a decision
about storing, transmitting, or extracting files, manifests, or
revisions, the decision is often based on certs it has seen, and the
trustworthiness you assign to those certs.
</p>
<p>The <small>RSA</small> cryptography system — and therefore monotone itself —
requires that you exchange special “public” numbers with your
friends, before they will trust certificates signed by you. These
numbers are called <em>public keys</em>. Giving someone your public key
does not give them the power to <i>impersonate</i> you, only to verify
signatures made by you. Exchanging public keys should be done over a
trusted medium, in person, or via a trusted third party. Advanced
secure key exchange techniques are beyond the scope of this document.
</p>
<hr>
<div class="header">
<p>
Next: <a href="Storage-and-workflow.html#Storage-and-workflow" accesskey="n" rel="next">Storage and workflow</a>, Previous: <a href="Historical-records.html#Historical-records" accesskey="p" rel="prev">Historical records</a>, Up: <a href="Concepts.html#Concepts" accesskey="u" rel="up">Concepts</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="General-Index.html#General-Index" title="Index" rel="index">Index</a>]</p>
</div>
</body>
</html>
|