From: Rich Freeman
To: Michał Górny
Cc: gentoo-dev@lists.gentoo.org
Date: Tue, 5 Jun 2012 10:15:28 -0400
Subject: Re: [gentoo-dev] Git braindump: 1 of N: merging & git signing

On Tue, Jun 5, 2012 at 2:50 AM, Michał Górny wrote:
> On Mon, 4 Jun 2012 16:57:42 -0400
> Rich Freeman wrote:
>
>> If you go back and look at the tree you see a bunch of signed and
>> unsigned commits. How do you easily detect how the unsigned ones got
>> there (via a dev with a merge commit, or via other means)?
>
> Well, that's not a very good solution but the server-side hooks could
> also verify the tree state before applying new commits.

The obvious problem with this is that it makes the git server a single
point of failure - if it is compromised the hooks will not help. Hooks
should nevertheless be there to eliminate mistakes.

Note that in no way are any of these git flaws any worse than the status
quo. I just want to avoid any false sense of security. I think these
are flaws that are worth fixing, and I think that was why many have
labored to get the signing enabled in git in the first place.

My suggestion is to keep working on this, but it shouldn't be considered
a blocker for adoption, since these are not new security flaws, and if
anything despite its holes git is an improvement.

Rich
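As an added illustration of the server-side check Michał suggests (example code written for this edit, not code from the thread or from Gentoo's infrastructure): a POSIX sh pre-receive hook that rejects a push when any commit it would add lacks a good signature, and reports per commit whether it is a merge, which is the question Rich raises above. It assumes git's real %G? signature-status codes and the standard pre-receive stdin protocol; the function and variable names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the gentoo-dev thread): pre-receive hook that
# verifies the signature on every commit a push would introduce.
#
# classify_commits reads lines "<hash> <G?> <parent hashes...>", i.e. the
# output of: git log --format='%H %G? %P'. It prints one verdict per commit
# and returns 1 if any commit is unsigned or cannot be verified.
# %G? codes: G = good, B = bad, U = good but key trust unknown, X/Y/R = good
# but expired / expired key / revoked key, E = cannot check, N = no signature.
# Only G is accepted here; allowing U is a local trust-policy decision.
classify_commits() {
    bad=0
    while read -r hash status parents; do
        case "$status" in
            G) kind="signed" ;;
            *) kind="UNSIGNED-OR-INVALID"; bad=1 ;;
        esac
        # More than one parent means a merge commit: this tells the reviewer
        # whether a bad commit arrived through someone's merge.
        set -- $parents
        if [ "$#" -gt 1 ]; then
            via="merge commit ($# parents)"
        else
            via="non-merge commit"
        fi
        echo "$hash: $kind ($status) $via"
    done
    return "$bad"
}

# Hook entry point: git feeds "<old-sha> <new-sha> <refname>" per ref on stdin.
# "$newrev --not --all" selects only commits not yet reachable from any
# existing ref, so already-accepted history is not re-checked.
pre_receive() {
    rc=0
    zero=0000000000000000000000000000000000000000
    while read -r oldrev newrev refname; do
        [ "$newrev" = "$zero" ] && continue   # ref deletion: nothing to verify
        if ! git log --format='%H %G? %P' "$newrev" --not --all | classify_commits; then
            echo "rejected $refname: unsigned or unverifiable commits listed above" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Run only when installed as hooks/pre-receive; otherwise the functions can be
# sourced and exercised without touching a repository.
case "$0" in
    */pre-receive|pre-receive) pre_receive ;;
esac
```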