On Wed, Sep 07, 2011 at 08:38:06PM +0200, Fabian Groffen wrote:
> On 24-08-2011 09:20:00 +0000, Robin H. Johnson wrote:
> > Commit signing has a few implications/side-effects:
> > - commits are signed so Manifests are NOT signed anymore.
> What are you referring to when you mention "commit signing"? The
> commit signing and verification capabilities of CVS?
The present discussion of signing git commits, as has been on the -scm
list for more than a year now (most notably starting after last year's
GSoC Mentor summit, where we had a chance to discuss it with some of the
Git authors).

> I've done some googling, and basically nothing showed up for git, apart
> from hacky script solutions like [1].
That's along the same lines as proposed on the -scm list, but quite a
lot messier:
- it's not clear if he's signing the correct portions of the commit.
- We're going to be storing the (detached) signatures as git notes, not
in the commit message body.

Most recently, see my responses to alexxy on that list, describing a
pre-image attack against the git commit signing as implemented by RSBAC.
Their scripts are nice, but their actual choice of what to sign is
wrong.

-- 
Robin Hugh Johnson
Gentoo Linux: Developer, Trustee & Infrastructure Lead
E-Mail : robbat2@g.o
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
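The message above turns on "what to sign": a detached signature that covers only the commit message leaves the tree, parents and author fields unbound, so two commits with different content can share the same signed bytes. The following is an added illustration, not code from this thread, from Gentoo or from RSBAC. It builds git commit objects by hand in git's own storage format (`commit <size>\0` header followed by the `tree`/`parent`/`author`/`committer` fields, a blank line and the message), computes the object id exactly as git does, and compares two candidate signing inputs: the message alone versus the whole commit object (which is what a note keyed by commit id should carry a signature over). The sample trees, authors and messages are constructed here; the real signing step (GnuPG) is left out on purpose and replaced by returning the bytes a signer would be handed.

```python
import hashlib

# Constructed sample values; these are not real object ids from any repository.
TREE_A = "a" * 40
TREE_B = "b" * 40
PARENT = "c" * 40
AUTHOR = "Example Dev <dev@example.invalid> 1315420686 +0200"


def commit_object(tree, parents, author, committer, message):
    """Return the exact bytes git stores for a commit object (before zlib)."""
    lines = [f"tree {tree}"]
    lines += [f"parent {p}" for p in parents]
    lines.append(f"author {author}")
    lines.append(f"committer {committer}")
    if not message.endswith("\n"):
        message += "\n"
    return ("\n".join(lines) + "\n\n" + message).encode()


def git_oid(obj_type, content):
    """Object id as git computes it: sha1 over '<type> <size>\\0' + content."""
    header = f"{obj_type} {len(content)}\0".encode()
    return hashlib.sha1(header + content).hexdigest()


def message_only_signing_input(commit_bytes):
    """What a script signs when it only covers the commit message body."""
    return commit_bytes.split(b"\n\n", 1)[1]


def full_object_signing_input(commit_bytes):
    """What a signer should cover: the entire commit object, header included.
    Signing this (or equivalently its object id) binds tree, parents,
    author, committer and message together."""
    return f"commit {len(commit_bytes)}\0".encode() + commit_bytes


def signature_note(commit_bytes, signer):
    """Pair a commit id with the detached signature a 'signer' callable
    produced over the full object, the shape a git note would hold.
    'signer' stands in for an external tool such as gpg --detach-sign."""
    oid = git_oid("commit", commit_bytes)
    return {"commit": oid, "signature": signer(full_object_signing_input(commit_bytes))}


def binds_tree(signing_input_fn):
    """True if the chosen signing input changes when only the tree changes."""
    c1 = commit_object(TREE_A, [PARENT], AUTHOR, AUTHOR, "Bump version")
    c2 = commit_object(TREE_B, [PARENT], AUTHOR, AUTHOR, "Bump version")
    return signing_input_fn(c1) != signing_input_fn(c2)


if __name__ == "__main__":
    print("message-only input binds tree:", binds_tree(message_only_signing_input))
    print("full-object input binds tree: ", binds_tree(full_object_signing_input))
```

The two commits in `binds_tree` differ only in their tree, which is exactly the case a substituted payload produces: the message-only input is identical for both, while the full-object input (and therefore the commit id) is not. Whatever tool produces the real signature, the note stored against a commit id should be verified against that same full object, never against the message text alone.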