Security

[Adrian Wilkins]

> It's not possible to 
> verify a single revion and the verification is slow especially on large 
> repositories.

Does Bazaar not have a similar property to git in that the testament
hashes are based not just on the content of their revision but also on
the hash of the previous revision?

In this case you can be assured that verifying a single signed revision
is equivalent to verifying the entire lineage of that revision. So I
guess the question is ; do testaments include the hashes of their parent
revisions, or does the signing plugin just not grok this underlying
property (if it's present)?