On Tue, Apr 28, 2020 at 05:04:25PM +0200, Nicolas Vigier wrote:
On Tue, 28 Apr 2020, Santiago Torres-Arias wrote:
On Tue, Apr 28, 2020 at 04:42:47PM +0200, Nicolas Vigier wrote:
Hi,
Attached is a proposal for signing commits with gpg.
Hi, this sounds incredibly useful. I'd love to contribute and also bring in the usage of push certificates where applicable? Is that something that has been considered?
I have not considered it, because I didn't know push certificates existed. Do you have more details about those push certificates?
Yes!
I think the best introduction is the patch series itself[1]. I also wrote a paper outlining the types of attacks when git references aren't signed at [2]. I feel that the full solution outlined in the paper may be too costly and it's not native to git, but signed push goes a long way in avoiding tag replacement attacks (e.g., check this patch for pacman[3]).
Cheers! -Santago
[1] https://public-inbox.org/git/1408485987-3590-1-git-send-email-gitster@pobox.... [2] https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presen... [3] https://lists.archlinux.org/pipermail/pacman-dev/2017-September/022123.html