From: | "Robin H. Johnson" <robbat2@g.o> | ||
---|---|---|---|
To: | gentoo-dev@l.g.o | ||
Subject: | Re: [gentoo-dev] Git Migration: launch plan & schedule (2015/Aug/08-09) | ||
Date: | Fri, 03 Jul 2015 21:41:03 | ||
Message-Id: | robbat2-20150703T212250-365251671Z@orbis-terrarum.net | ||
In Reply to: | Re: [gentoo-dev] Git Migration: launch plan & schedule (2015/Aug/08-09) by Andrew Savchenko |
1 | On Sat, Jul 04, 2015 at 12:19:41AM +0300, Andrew Savchenko wrote: |
2 | > As I see from git docs only commits and tags may be signed. There |
3 | > is no way to sign a push. Moreover there is no need to sign each |
4 | > commit, see what Linux says on that: |
5 | > http://git.661346.n2.nabble.com/GPG-signing-for-git-commit-td2582986.html |
6 | That was Linus's 2009 opinion, and he changed his mind since then, with |
7 | the research into further attacks on SHA1. |
8 | |
9 | Git (since 2.2) DOES support signed push. Look at the manpage for |
10 | git-push, for the --signed option: |
11 | http://git-scm.com/docs/git-push |
12 | |
13 | The point of signed commits is to authenticate the creator of each |
14 | commit. |
15 | |
16 | The point of signed pushes is to authenticate who introduced a commit |
17 | (it might NOT be the person who signed the commits) and intended it to |
18 | be on a specific branch. |
19 | |
20 | A slightly out of date, but good backgrounder on signed commits is here: |
21 | http://mikegerwitz.com/papers/git-horror-story |
22 | |
23 | The StackOverflow asking about signed push is a good reference as well: |
24 | http://stackoverflow.com/questions/27299355/why-does-git-need-signed-pushes |
25 | |
26 | -- |
27 | Robin Hugh Johnson |
28 | Gentoo Linux: Developer, Infrastructure Lead |
29 | E-Mail : robbat2@g.o |
30 | GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
Subject | Author |
---|---|
Re: [gentoo-dev] Git Migration: launch plan & schedule (2015/Aug/08-09) | Andrew Savchenko <bircoph@g.o> |
Re: [gentoo-dev] Git Migration: launch plan & schedule (2015/Aug/08-09) | Rich Freeman <rich0@g.o> |