Re: Git-commits mailing list feed.

From: Paul Jakma
Date: Sun Apr 24 2005 - 18:29:49 EST


On Sat, 23 Apr 2005, Linus Torvalds wrote:

NO.

Guys, I will say this once more: git will not look at the signature.

That means that we don't "strip them off", because dammit, they DO NOT
EXIST as far as git is concerned. This is why a tag-file will _always_
start with

commit <commit-sha1>
tag <tag-name>

because that way we can use fsck and validate reachability and have things that want trees (or commits) take tag-files instead, and git will automatically look up the associated tree/commit. And it will do so _without_ having to understand about signing, since signing is for trust between _people_ not for git.

And that is why I from the very beginning tried to make ti very clear that the signature goes at the end. Not at the beginning, not in the middle, and not in a different file. IT GOES AT THE END.

Actually, can you make the signature be detached and a seperate object? Ie, add a signature object in its own right, distinct from tag. They could then:

- be used to sign any kind of object
- allow objects to be signed by multiple people

Ideally, there'd be an index of signature objects by the SHA-1 sum of the object they sign, as the signed object should not refer to the signature (or the second of the above is not possible).

The latter of the two points would, in combination with the former, allow for cryptographic 'signed-off-by' chains. If a 'commit' is signed by $RANDOM_CONTRIBUTOR and $SUBSYSTEM_MAINTAINER and $ANDREW, you know its time to pull it. Would also work for things like "fixes only" trees, where (say) a change must be approved by X/2+1 of a group of X hacker providing oversight -> looking up the commit object's signatures would tell you whether it was approved.

No idea whether this is possible or practical. :) But it would be good for future flexibility to avoid including the signature in the object being signed.

regards,
--
Paul Jakma paul@xxxxxxxx paul@xxxxxxxxx Key ID: 64A2FF6A
Fortune:
You give me space to belong to myself yet without separating me from your own life. May it all turn out to your happiness.
-- Goethe
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/