... and no documentation on how to fix it.
The docs at http://www.monotone.ca/docs/Trust-Evaluation-Hooks.html
recommend a key name based get_revision_cert_trust hook but that is
insecure since monotone now allows duplicate key names.
A secure implementation must use the key ID, but there's no
documentation on how to do that. The secure hook may be implemented
by using quoted hex key ids in 'trusted_signers", and
implementing a new function (e.g. 'idintersection') that uses v.id
instead of v.name.
This ticket is for a fix to the website and any other places where
the example is given, to provide a secure example.
Steps to reproduce the problem:
-------------------------------
1. Add second key with same name
2. Sample trust hook will trust it too
Expected result:
----------------
Better example
Output of `mtn version --full`:
-------------------------------
1.0.0
Reported by joe 23, Jan 31, 2013