Issue 220: Recommended trust hook is insecure

Reported by joe 23, Jan 31, 2013

... and no documentation on how to fix it.

The docs at 
recommend a key name based get_revision_cert_trust hook but that is 
insecure since monotone now allows duplicate key names.

A secure implementation must use the key ID, but there's no 
documentation on how to do that. The secure hook may be implemented 
by using quoted hex key ids in 'trusted_signers", and 
implementing a new function (e.g. 'idintersection') that uses 
instead of

This ticket is for a fix to the website and any other places where 
the example is given, to provide a secure example.

Steps to reproduce the problem:

1. Add second key with same name
2. Sample trust hook will trust it too

Expected result:
Better example

Output of `mtn version --full`:

Created: 10 years 9 months ago by joe 23

Status: New


Quick Links:    -     Downloads    -     Documentation    -     Wiki    -     Code Forge    -     Build Status