[ciphershed] Re: Decisions to be made

  • From: "Jason Pyeron" <jpyeron@xxxxxxxx>
  • To: <ciphershed@xxxxxxxxxxxxx>
  • Date: Sun, 22 Jun 2014 13:44:54 -0400

> -----Original Message-----
> From: ciphershed-bounce@xxxxxxxxxxxxx 
> [mailto:ciphershed-bounce@xxxxxxxxxxxxx] On Behalf Of Rocki Hack
> Sent: Sunday, June 22, 2014 13:35
> To: ciphershed@xxxxxxxxxxxxx
> Subject: [ciphershed] Re: Decisions to be made
> 
> > - signatures / warrant canaries
> >         * sign all commits?
> >         my suggestion: yes, better safe than sorry.
> 
> 
> Even if you sign all commits you still need to sign the tree 
> (sha1 merkle hash tree) with a tag.
> 
> It's not the same to sign all commits or a tag.
> 
> Especially if you want to trust the committed files and not 
> the committer himself.
> 
> 
> If you trust a contributor and he signs a commit then you 
> trust his files.
> 
> This is a simple implication but it doesn't mean the exact 
> same as signing the files with a tag.
> 
> 
> I quote Linus Torvalds once again...
> 
> "Well, you can (sign commits), but it's always going to be 
> inferior to just adding a tag. 

On an old version of git that was true, because the commit message was being
signed, not the commit object.

Now that the signing is part of the commit logic


Example, a commit object in the git database:

tree 668ff36f646d49868cc8ce073d153a1d08d81e61
parent 4f7ad8a8f38b06d675ac5196c80b1a26ecbee433
author Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400
committer Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400
gpgsig -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1

 iQEcBAABAgAGBQJToRDHAAoJEA5zQ2VU0OjkxXAH/j8Yai1I5yDIgcx9B8+0Fuuk
 s+BweJfYxm4O77jpJAKtBWzz0SPflEZHyyDff5ApxaXuM4CbT3vhAXeASJdFKa5H
 ZgEACcmh9VmZ4N1DTIcmKUUU9vXdQXJWaIcTk+l/6LtWGI71gQtnhK3Kht5a4fVd
 yQyABJH7vI/kblnxyCmj3RslktujmICyc8B6K1o5x/xNtCA2PKrI0625l0VmAQS+
 SuSAnlLTH+Ot1vGsH4R/0Am0aKPemPwG3lgoOKzVkRNjOtN+vlBLad4WCnyAJrJL
 6ALgNUTTEXXIJAxJTXD1snpiGwFmwoHqGnMDVyT+1UlXXA8yZwD0sbHZJBjtYwg=
 =ffok
 -----END PGP SIGNATURE-----

loged signed commit

The input to the PGP process for signing is:

tree 668ff36f646d49868cc8ce073d153a1d08d81e61
parent 4f7ad8a8f38b06d675ac5196c80b1a26ecbee433
author Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400
committer Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400

loged signed commit

Now it contains the tree, parent(s) and the commit message.

<snip/>

> http://git.661346.n2.nabble.com/GPG-signing-for-git-commit-td2582986.html

This has been overcome by events (OBE).

-Jason 

--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.
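As an added example (not code from the mail or from the CipherShed project), the Python below reconstructs the two transformations the mail describes: embedding the armored signature as a `gpgsig` header to form the commit object that git stores, and stripping that header back out to recover the payload that gpg verifies (tree, parent(s), author, committer and message). The commit object and signature are the ones printed in the mail. One assumption, labelled in the code, is git's header-continuation rule: every continuation line of a header starts with a single space, so the blank line inside the armor is stored as a line holding one space, which the mail's plain-text rendering does not show.

```python
import hashlib

# Unsigned commit object as shown in the mail: exactly what git hands to gpg
# when creating or verifying the signature.
UNSIGNED_COMMIT = (
    "tree 668ff36f646d49868cc8ce073d153a1d08d81e61\n"
    "parent 4f7ad8a8f38b06d675ac5196c80b1a26ecbee433\n"
    "author Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400\n"
    "committer Jason Pyeron <jpyeron+test3@xxxxxxxx> 1403064519 -0400\n"
    "\n"
    "loged signed commit\n"
)

# ASCII-armored detached signature, copied from the mail.
ARMORED_SIGNATURE = (
    "-----BEGIN PGP SIGNATURE-----\n"
    "Version: GnuPG v1\n"
    "\n"
    "iQEcBAABAgAGBQJToRDHAAoJEA5zQ2VU0OjkxXAH/j8Yai1I5yDIgcx9B8+0Fuuk\n"
    "s+BweJfYxm4O77jpJAKtBWzz0SPflEZHyyDff5ApxaXuM4CbT3vhAXeASJdFKa5H\n"
    "ZgEACcmh9VmZ4N1DTIcmKUUU9vXdQXJWaIcTk+l/6LtWGI71gQtnhK3Kht5a4fVd\n"
    "yQyABJH7vI/kblnxyCmj3RslktujmICyc8B6K1o5x/xNtCA2PKrI0625l0VmAQS+\n"
    "SuSAnlLTH+Ot1vGsH4R/0Am0aKPemPwG3lgoOKzVkRNjOtN+vlBLad4WCnyAJrJL\n"
    "6ALgNUTTEXXIJAxJTXD1snpiGwFmwoHqGnMDVyT+1UlXXA8yZwD0sbHZJBjtYwg=\n"
    "=ffok\n"
    "-----END PGP SIGNATURE-----\n"
)


def embed_signature(unsigned_commit: str, armored_sig: str) -> str:
    """Build the stored commit object: the unsigned object with a 'gpgsig'
    header appended after the last header line.
    Assumption (git's header format): continuation lines begin with one
    space, so a blank line inside the armor becomes a line holding ' '."""
    headers, message = unsigned_commit.split("\n\n", 1)
    sig_lines = armored_sig.rstrip("\n").split("\n")
    gpgsig = "gpgsig " + sig_lines[0] + "".join("\n " + l for l in sig_lines[1:])
    return headers + "\n" + gpgsig + "\n\n" + message


def split_signed_commit(signed_commit: str):
    """Inverse of embed_signature: return (payload, armored_sig).
    The payload is the object with the gpgsig header and its continuation
    lines removed; that is the byte string gpg checks the signature against.
    Other multi-line headers (e.g. mergetag) are left untouched."""
    headers, message = signed_commit.split("\n\n", 1)
    kept, sig_lines, in_sig = [], [], False
    for line in headers.split("\n"):
        if line.startswith("gpgsig "):
            in_sig = True
            sig_lines.append(line[len("gpgsig "):])
        elif in_sig and line.startswith(" "):
            sig_lines.append(line[1:])          # drop the continuation space
        else:
            in_sig = False
            kept.append(line)
    payload = "\n".join(kept) + "\n\n" + message
    return payload, "\n".join(sig_lines) + "\n"


def object_id(commit_body: str) -> str:
    """Git commit id: SHA-1 over the loose-object header 'commit <size>\\0'
    followed by the object body, so the id covers the embedded signature."""
    data = commit_body.encode()
    return hashlib.sha1(b"commit %d\0" % len(data) + data).hexdigest()


if __name__ == "__main__":
    signed = embed_signature(UNSIGNED_COMMIT, ARMORED_SIGNATURE)
    payload, sig = split_signed_commit(signed)
    print("signed commit id:  ", object_id(signed))
    print("unsigned commit id:", object_id(UNSIGNED_COMMIT))
    print("payload == unsigned object:", payload == UNSIGNED_COMMIT)
    print("signature recovered intact:", sig == ARMORED_SIGNATURE)
```

The round trip makes the mail's point concrete: the signature binds the tree id, parents, author, committer and message, while the commit id in turn binds the signature, so a commit object cannot have its `gpgsig` header swapped or stripped without changing the id that later commits and tags refer to.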
