On Tue, Nov 27, 2001 at 09:29:36PM +1100, Keith Owens wrote:
> On Tue, 27 Nov 2001 11:08:04 +0100,
> Harald Arnesen <gurre@start.no> wrote:
> >Anuradha Ratnaweera <anuradha@gnu.org> writes:
> >
> >> How does Marcelo (or Linus or Alan, say) know that the patch
> >> _really_ came from the subsystem aintainer himself?
> >
> >They could reject patches that came without the maintainers GPG or PGP
> >signature.
>
> Unfortunately the normal GPG/PGP signing changes '-' at start of line
> to '- -', even with clear text signing, and destroys the patch. You
> have to use --not-dash-escaped in GPG, where the man page says:
>
> --not-dash-escaped
> This option changes the behavior of cleartext signatures so that
> they can be used for patch files. You should not send such an armored
> file via email because all spaces and line endings are hashed too.
> You can not use this option for data which has 5 dashes at the
> beginning of a line, patch files don't have this. A special armor
> header line tells GnuPG about this cleartext signature option.
>
Interesting.
> I don't know if PGP accepts text signed by GPG with --not-dash-escaped
> nor do I know if there really is a problem with mailing such patches.
> But the warning above is nasty enough to rule it out. The only other
> option for signed patches is uuencode or MIME (with or without
> compression) and Linus does not like that format.
>
But we're not dealing with Linus with 2.4 anymore. Maybe Marcello will
accept signed compressed patches. With a few modifications, most MUAs that
support external processing could be setup to verify the sig, uncompress,
and view in the message area.
MF
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Nov 30 2001 - 21:00:28 EST