[IPython-dev] Storing signatures outside the notebook

Brian Granger ellisonbg at gmail.com
Tue Dec 16 00:42:05 EST 2014 

Ahh, yes that would work

On Mon, Dec 15, 2014 at 9:36 PM, Thomas Kluyver <takowl at gmail.com> wrote:
>
> I meant moving the file on the filesystem for the same user.
>
> Thomas
> On Dec 15, 2014 9:30 PM, "Brian Granger" <ellisonbg at gmail.com> wrote:
>
>> I should note that "moving the trust" is not just the notebook and its
>> signature. You would also have to move the users secret key used to
>> generate the signature. In my mind, this whole model relies on the extreme
>> difficultly of transferring trust to another person.
>>
>> On Mon, Dec 15, 2014 at 9:28 PM, Brian Granger <ellisonbg at gmail.com>
>> wrote:
>>>
>>> I think these ideas are very interesting, can one of you add this to the
>>> dev meeting agenda for this Th?
>>>
>>> On Mon, Dec 15, 2014 at 6:20 PM, Thomas Kluyver <takowl at gmail.com>
>>> wrote:
>>>>
>>>> Min and I were just talking to Aron Ahmadia and Chris Kees. We covered
>>>> several topics, but one of the more straightforward things we discussed was
>>>> the problem that storing signatures in the notebook gives for version
>>>> control - because any two changes will make the signature conflict, even if
>>>> the changes are at opposite ends of the notebook.
>>>>
>>>> We possibly shouldn't try to rework this before 3.0, but I started
>>>> thinking about alternatives, and wanted to put a couple out for discussion:
>>>>
>>>> 1. Store signatures next to notebooks - maybe a .ipynb.sig file, like
>>>> you sometimes see checksum files next to downloads. This has the advantage
>>>> that to move the notebook along with its trust, you can just move those two
>>>> files together, but the disadvantage that it clutters up your working
>>>> directory.
>>>> 2. An extra subdirectory, like we already use for checkpoints, but for
>>>> signatures. Less clutter, but more awkward to move a notebook and its
>>>> associated signature together.
>>>> 3. A per-user database storing hashes of all trusted notebooks.
>>>> Checking if a notebook is trusted then becomes: hash it, and check whether
>>>> that hash is in the database. The notebook's location on the filesystem is
>>>> irrelevant. This may be troublesome for people who sync their IPython
>>>> directory across multiple computers, or have home directories on an NFS
>>>> mount, though.
>>>>
>>>> Thomas
>>>>
>>>> _______________________________________________
>>>> IPython-dev mailing list
>>>> IPython-dev at scipy.org
>>>> http://mail.scipy.org/mailman/listinfo/ipython-dev
>>>>
>>>>
>>>
>>> --
>>> Brian E. Granger
>>> Cal Poly State University, San Luis Obispo
>>> @ellisonbg on Twitter and GitHub
>>> bgranger at calpoly.edu and ellisonbg at gmail.com
>>>
>>
>>
>> --
>> Brian E. Granger
>> Cal Poly State University, San Luis Obispo
>> @ellisonbg on Twitter and GitHub
>> bgranger at calpoly.edu and ellisonbg at gmail.com
>>
>> _______________________________________________
>> IPython-dev mailing list
>> IPython-dev at scipy.org
>> http://mail.scipy.org/mailman/listinfo/ipython-dev
>>
>>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>
>

-- 
Brian E. Granger
Cal Poly State University, San Luis Obispo
@ellisonbg on Twitter and GitHub
bgranger at calpoly.edu and ellisonbg at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20141215/5c0e8a35/attachment.html>

More information about the IPython-dev mailing list