CryptoGnome RepositoriesCryptoGnome Repositories
The unix-fs is the most basic versioned
repository. Basically, it's just a quick hack to test the basic
concepts and work on name/branch/version resolution, metadata,
and transport issues while I'm waiting for
XDelta
to mature a bit. Nevertheless, I am currently running a
fully-functioned (OK, I haven't done branching) versioned
repository off of it.
A unix-fs repository is terribly wasteful of disk
space because it stores each version as a separate file. OTOH,
it does make for extremely easy debugging of the
higher-level issues, so I wouldn't expect it to ever go
away.
Thanks to Oleg Kiselyov for pointing out that I could just as easily do a CVS-based repository as anything else I plan to implement. This is such a good idea that it is probably going to become the next repository implemented as it provides a nice migration path for CVS users. Plus it should also be a way to get my SourceForge projects running under CryptoGnome, too. There's no substitute for using software to work out its human-factors bugs.
I really like the XDelta system's approach to file versioning. In fact, it was reading the original papers on PRCSv2 and XDelta that inspired me to start hacking the CryptoGnome together, using Scsh and SUNet for glue. Of course, once the infrastructure was in place, the idea developed a bad case of rampant featuritis. I hope that this is a Good Thing (tm).
I've started some work on the XDelta repository. Unfortunately, it doesn't work well. Yet. Stay tuned for further news.
Reading Neal Stephenson's Cryptonomicon motivated me to add crypto capabilities to the CryptoGnome (and where do you think I got the name, anyway?), especially since I had the architectural room from using http. If you haven't read the book, it's an entertaining read and technically pretty good, but this isn't a book review.
In the book the characters use a pencil and paper cipher to communicate while under extremely close observation in a Phillipino prison. The system they use is called Solitaire and was invented by Bruce Schneier of Counterpane Internet Security. I've been working on a Scheme implementation which should be extensible to a full ISO Latin-1 alphabet as a crypto-based repository.
It doesn't work yet.
I had a fairly lame crypto layer based on a broken stream cipher idea. Fortunately I've started reading sci.crypt and I've realized how badly broken it was. I may very well finish implementing LameCrypt for pedagogical purposes (demonstrating how to implement a layered repository), but it will really only provide minimal security; it will keep the casual file-browser (don't ever give me root access. I am one) from seeing what you're about, but not a determined attacker who wants to learn your secrets.
I'm working on some new ideas which should be fairly strong, but I'm not ready to talk write them. In the meantime, I plan on using the OpenSSL command-line utils (Scsh is a scripting language) to provide an encrypted repository.
