[tbb-dev] A proposal for signing commits with gpg

Santiago Torres-Arias santiago at archlinux.org
Tue Apr 28 15:10:10 UTC 2020


On Tue, Apr 28, 2020 at 05:04:25PM +0200, Nicolas Vigier wrote:
> On Tue, 28 Apr 2020, Santiago Torres-Arias wrote:
> 
> > On Tue, Apr 28, 2020 at 04:42:47PM +0200, Nicolas Vigier wrote:
> > > Hi,
> > > 
> > > Attached is a proposal for signing commits with gpg.
> > > 
> > 
> > Hi, this sounds incredibly useful. I'd love to contribute and also
> > bring in the usage of push certificates where applicable? Is that
> > something that has been considered?
> 
> I have not considered it, because I didn't know push certificates
> existed. Do you have more details about those push certificates?

Yes!

I think the best introduction is the patch series itself[1]. I also
wrote a paper outlining the types of attacks when git references aren't
signed at [2]. I feel that the full solution outlined in the paper may
be too costly and it's not native to git, but signed push goes a long
way in avoiding tag replacement attacks (e.g., check this patch for
pacman[3]). 

Cheers!
-Santago

[1] https://public-inbox.org/git/1408485987-3590-1-git-send-email-gitster@pobox.com/
[2] https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/torres-arias
[3] https://lists.archlinux.org/pipermail/pacman-dev/2017-September/022123.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20200428/52e7b336/attachment.sig>


More information about the tbb-dev mailing list