thaljef / Pinto

Curate your own repository of Perl modules
https://metacpan.org/module/Pinto::Manual
Document ideas on using Pinto to audit distributions #186

Closed tartansandal closed 9 years ago

tartansandal commented 9 years ago

This brings together my ideas about using Pinto and the new verify, look, and sign commands to form a, hopefully, coherent audit process.

tartansandal commented 9 years ago

This was mostly an attempt to clarify my ideas so I could understand the use cases in #182 better. This was what convinced me that verify and the pullable commands needed to be able to set a 'paranoia' level -- because there are too many valid ways of approaching verification. So the Audit docs are probably not something for core. I'm thinking they might form part of a plugin of interest only to mad-arse security freaks like me ;-) The sign should probably form part of that. Possibly the clone and look commands as well, but they are a bit more general.