From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_BL_SPAMCOP_NET, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS shortcircuit=no autolearn=no autolearn_force=no version=3.4.2 Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id DC1CE1F5A2 for ; Fri, 7 Feb 2020 19:48:50 +0000 (UTC) Received: by mail-wr1-x42e.google.com with SMTP id z9so275843wrs.10 for ; Fri, 07 Feb 2020 11:48:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linuxfoundation.org; s=google; h=date:from:to:subject:message-id:mail-followup-to:mime-version :content-disposition; bh=MHS1HPRHLPTngb6+vM/tiAQfT1MhN/MdgHILgqn2dX4=; b=EPSFweU/Puo3h9J59mtMvFX8tEsDARdeQnHk5ETNXQq23n+NJ6r/GCb8cX6VNj33Kl qHuoyllV7KjoZir5SHND0yOtWK/3aNUEtCk5hhB95YB5aI5q1gFXLaVbNS0inLgx9HCo 4TEOwCFUy6jlI+MWbtnfOJGPPS9/SDjHrvr4Q= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mail-followup-to :mime-version:content-disposition; bh=MHS1HPRHLPTngb6+vM/tiAQfT1MhN/MdgHILgqn2dX4=; b=QvTWbag/CyZB7s/lzZurhvvEsWVBT7J3zdtxQYNw7soK0iLATCAvCvO8TDhf9V3JdZ n8Q/EQ8VsExE6frVOvthukgwPOI37s65+AtQYL+tRsmVpRLVCQCfUXfar82/zMmlgNVZ B0nGuxYMQMmHlnpGEDyTJxPpv2o4GIDuvhRBb2DZ4wwxq0Vx6A9nT1rCjqtbne6d2jxn Fq5iQ4VWw3obbKcjWAdG9XG60USOVvNZD/qCRk6/1CqEj3A7YkoNNT5tqjnNjecwOKep DfElTQVuNMi2+7nfcKS7/qyOq5yF7QvTpYmtjpKCnWhGK7cLjYlardD84g8gYmT3Sy4A BAmw== X-Gm-Message-State: APjAAAWswKLfkQVKZF9Kx7j6VHXLW17m0+MnYb1PQuvyBm2a0O4TfIGG 4MhwkckT3mOcGkK1X9WcIotSXmsfnAc35w== X-Google-Smtp-Source: APXvYqxVEX0HEZcgaA+81FYWFUzOUaxgY59lPsWM9vNOrK/oLzFAa2noTUfS3E9FnNsLsxZ9WbjIOA== X-Received: by 2002:a5d:62d1:: with SMTP id o17mr637648wrv.9.1581104927084; Fri, 07 Feb 2020 11:48:47 -0800 (PST) Received: from chatter.i7.local ([87.118.116.103]) by smtp.gmail.com with ESMTPSA id h18sm297977wrv.78.2020.02.07.11.48.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Feb 2020 11:48:46 -0800 (PST) Date: Fri, 7 Feb 2020 14:48:41 -0500 From: Konstantin Ryabitsev To: meta@public-inbox.org Subject: Attestation signatures in a separate ref Message-ID: <20200207194841.yzd3oziv34vooiq5@chatter.i7.local> Mail-Followup-To: meta@public-inbox.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline List-Id: Hello: While I was working on the minimalist feed stuff [1], it occurred to me that even though we may sign each commit, someone would still need to clone the entire repository to perform verification. What if instead of (or in addition to ) signing each commit in master, we have a separate ref containing just PGP-signed metadata of each message. refs/heads/master:m From: Foo Foo To: linux-kernel@vger.kernel.org Message-Id: Date: Fri, 7 Feb 2020 13:43:34 -0500 Subject: [PATCH] add foo to bar We need bar in foo! Signed-off-by: Konstantin Ryabitsev --- foo | 1 + 1 file changed, 1 insertion(+) diff --git a/foo b/foo index 257cc56..3bd1f0e 100644 --- a/foo +++ b/foo @@ -1 +1,2 @@ foo +bar -- 2.24.1 refs/heads/mailinfo:m -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Message-Id: git-foo-bar@foo-bar.local Full-SHA256: 2da2c0088c380f4cc5bf7bfdc75cb02b67ff806b712c42ea325ca33dffa57a7f Message-SHA256: 31838769c24277114191c9595fe5ffc619a22f892a23c6812d090d2cac13e1dc Patch-SHA256: 3ea940267d098d3e4d87d5475403197006956ea9fcbb9d84f37aa804c6cd8943 -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQR2vl2yUnHhSB5njDW2xBzjVmSZbAUCXj22ZAAKCRC2xBzjVmSZ .... 0SJaB7csojQUzZBzX1Ntx9F+OzNy8gY= =lvaU -----END PGP SIGNATURE----- Full-SHA256 contains verbatim contents of master:m, while Message/Patch-SHA256 contains the "msg" and "patch" output of "git mailinfo". Separating it this way would allow someone to verify the contents of a message even if it has been modified to remove headers or mime-parts, e.g. for the purposes of creating a "git am" friendly mbox file. The alternative is making these notes on the commits, but I believe that has important scaling impacts. What do you think? -K