Fossil SCM
Added a para to the prior section.
Commit
69e0ea54a7ebfe4bed65a4f5ab7889ee5cd8c99b206cec58674a9313418784c6
Parent
b357dc2b03b6609…
1 file changed
+13
+13
| --- www/blockchain.md | ||
| +++ www/blockchain.md | ||
| @@ -387,10 +387,23 @@ | ||
| 387 | 387 | You can make a good inverse argument, however: because Fossil doesn’t |
| 388 | 388 | remember IP addresses in commit manifests or require commit signing, it |
| 389 | 389 | allows at least *pseudonymous* commits. When someone clones a remote |
| 390 | 390 | repository, they don’t learn email address, IP address, or any other |
| 391 | 391 | sort of [PII] of prior committers, on purpose. |
| 392 | + | |
| 393 | +Why do some people care about this distinction? Consider Bitcoin, | |
| 394 | +wherein an anonymous user cannot spam the blockchain with bogus coins | |
| 395 | +because its [proof-of-work][pow] protocol allows such coins to be | |
| 396 | +rejected immediately. There is no equivalent in Fossil: it has no | |
| 397 | +technology that allows the receiving server to look at the content of a | |
| 398 | +commit and automatically judge it to be “good.” Fossil relies on its | |
| 399 | +RBAC system to provide such distinctions: if you have a commit bit, your | |
| 400 | +commits are *ipso facto* judged “good,” insofar as any human work | |
| 401 | +product can be so judged by a blob of compiled C code. This takes us | |
| 402 | +back to the [digital ledger question](#dlt), where we can talk about | |
| 403 | +what it means to later correct a bad commit that got through the RBAC | |
| 404 | +check. | |
| 392 | 405 | |
| 393 | 406 | |
| 394 | 407 | [alert]: ./alerts.md |
| 395 | 408 | [capi]: ./caps/ref.html#i |
| 396 | 409 | [mrep]: /help?cmd=remote |
| 397 | 410 |
| --- www/blockchain.md | |
| +++ www/blockchain.md | |
| @@ -387,10 +387,23 @@ | |
| 387 | You can make a good inverse argument, however: because Fossil doesn’t |
| 388 | remember IP addresses in commit manifests or require commit signing, it |
| 389 | allows at least *pseudonymous* commits. When someone clones a remote |
| 390 | repository, they don’t learn email address, IP address, or any other |
| 391 | sort of [PII] of prior committers, on purpose. |
| 392 | |
| 393 | |
| 394 | [alert]: ./alerts.md |
| 395 | [capi]: ./caps/ref.html#i |
| 396 | [mrep]: /help?cmd=remote |
| 397 |
| --- www/blockchain.md | |
| +++ www/blockchain.md | |
| @@ -387,10 +387,23 @@ | |
| 387 | You can make a good inverse argument, however: because Fossil doesn’t |
| 388 | remember IP addresses in commit manifests or require commit signing, it |
| 389 | allows at least *pseudonymous* commits. When someone clones a remote |
| 390 | repository, they don’t learn email address, IP address, or any other |
| 391 | sort of [PII] of prior committers, on purpose. |
| 392 | |
| 393 | Why do some people care about this distinction? Consider Bitcoin, |
| 394 | wherein an anonymous user cannot spam the blockchain with bogus coins |
| 395 | because its [proof-of-work][pow] protocol allows such coins to be |
| 396 | rejected immediately. There is no equivalent in Fossil: it has no |
| 397 | technology that allows the receiving server to look at the content of a |
| 398 | commit and automatically judge it to be “good.” Fossil relies on its |
| 399 | RBAC system to provide such distinctions: if you have a commit bit, your |
| 400 | commits are *ipso facto* judged “good,” insofar as any human work |
| 401 | product can be so judged by a blob of compiled C code. This takes us |
| 402 | back to the [digital ledger question](#dlt), where we can talk about |
| 403 | what it means to later correct a bad commit that got through the RBAC |
| 404 | check. |
| 405 | |
| 406 | |
| 407 | [alert]: ./alerts.md |
| 408 | [capi]: ./caps/ref.html#i |
| 409 | [mrep]: /help?cmd=remote |
| 410 |