[Webfunds-devel] Another flaw in issued contracts.

• Previous message: [Webfunds-devel] OpenPGP signed Contracts
• Next message: [Webfunds-devel] Another flaw in issued contracts.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ian Grigg wrote:
> However, the flaw in that is that you propogate old errors.
> There is an error in the current DigiGold_AUG, in that the
> first char on one of the lines is ':' instead of ';' ...
> The SignContractWizard, or something, should do sanity
> checking on all this.

OK, just discovered another flaw in an old contract.

The DigiGold-before-current, called DigiGold.asc and
including V1.3 as the monika in the text, has a bad
server_certification label: servercertifiation which
is bad on 2 counts.

Now, this was ok when Contract.java was first written,
but now is not, as Contract now checks the server cert.
Or something.

So, what we are faced with is a steady stream of bugs
caused by our Contract.java reading code getting better
at handling Contracts, bugs which manifest themselves
in older contracts where these errors slipped through.

I'm not sure how to comprehensively deal with this, it
seems as though the only way is to have kludges present
in the Contract.java module that are forgiving of known
errors.

This maybe a further argument for keeping the Contract
reading code separate from the signing code - the latter
should not ever be forgiving.  We do not want to
propogate these errors, rather we want to block them at
the signing point.

OTOH, perhaps a forgiving mode should be added to the
Contract code at the same time as the signing code?

Just some thoughts.

iang

• Previous message: [Webfunds-devel] OpenPGP signed Contracts
• Next message: [Webfunds-devel] Another flaw in issued contracts.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]