Gentoo Archives: gentoo-dev

From:	hasufell <hasufell@g.o>
To:	gentoo-dev@l.g.o
Subject:	Re: [gentoo-dev] My masterplan for git migration (+ looking for infra to test it)
Date:	Sun, 14 Sep 2014 23:26:00
Message-Id:	`541623ED.3040608@gentoo.org`
In Reply to:	Re: [gentoo-dev] My masterplan for git migration (+ looking for infra to test it) by Rich Freeman

1	Rich Freeman:
2	> On Sun, Sep 14, 2014 at 6:56 PM, hasufell <hasufell@g.o> wrote:
3	>> According to Robin, it's not about rebasing, it's about signing all
4	>> commits so that messing with the blob (even if it has the same sha-1)
5	>> will cause signature verification failure.
6	>>
7	>
8	> The only thing that gets signed is the commit message, and the only
9	> thing that ties the commit message to the code is the sha1 of the
10	> top-level tree. If you can attack sha1 either at any tree level or at
11	> the blob level you can defeat the signature.
12	>
13
14	So can we get this clear now.
15
16	Robin said
17	> The Git commit-signing design explicitly signs the entire commit, including blob contents, to avoid this security problem.
18
19	Is this correct or not?

Subject	Author
Re: [gentoo-dev] My masterplan for git migration (+ looking for infra to test it)	"W. Trevor King" <wking@×××××××.us>
Re: [gentoo-dev] My masterplan for git migration (+ looking for infra to test it)	Kent Fredric <kentfredric@×××××.com>