From: dwh@linuxprogrammer.org
To: git@vger.kernel.org
Subject: Preserving the ability to have both SHA1 and SHA256 signatures
Date: Fri, 7 May 2021 19:22:25 -0700 [thread overview]
Message-ID: <20210508022225.GH3986@localhost> (raw)
Hi Everybody,
I was reading through the
Documentation/technical/hash-function-transition.txt doc and realized
that the plan is to support allowing BOTH SHA1 and SHA256 signatures to
exist in a single object:
> Signed Commits
> 1. using SHA-1 only, as in existing signed commit objects
> 2. using both SHA-1 and SHA-256, by using both gpgsig-sha256 and gpgsig
> fields.
> 3. using only SHA-256, by only using the gpgsig-sha256 field.
>
> Signed Tags
> 1. using SHA-1 only, as in existing signed tag objects
> 2. using both SHA-1 and SHA-256, by using gpgsig-sha256 and an in-body
> signature.
> 3. using only SHA-256, by only using the gpgsig-sha256 field.
The design that I'm working on only supports a single signature that
uses a combination of fields: one 'signtype', zero or more 'signoption'
and one 'sign' in objects. I am thinking that the best thing to do is
replace the gpgsig-sha256 fields in objects and allow old gpgsig (commits)
and in-body (tags) signatures to co-exist along side to give the same
functionality.
That not only paves the way forward but preserves the full backward
compatibility that is one of my top requirements.
Thoughts?
Cheers!
Dave
next reply other threads:[~2021-05-08 2:22 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-08 2:22 dwh [this message]
2021-05-08 6:39 ` Preserving the ability to have both SHA1 and SHA256 signatures Christian Couder
2021-05-08 6:56 ` Junio C Hamano
2021-05-08 8:03 ` Felipe Contreras
2021-05-08 10:11 ` Stefan Moch
2021-05-08 11:12 ` Junio C Hamano
2021-05-09 0:19 ` brian m. carlson
2021-05-10 12:22 ` Is the sha256 object format experimental or not? Ævar Arnfjörð Bjarmason
2021-05-10 22:42 ` brian m. carlson
2021-05-13 20:29 ` dwh
2021-05-13 20:49 ` Konstantin Ryabitsev
2021-05-13 23:47 ` dwh
2021-05-14 13:45 ` Konstantin Ryabitsev
2021-05-14 17:39 ` dwh
2021-05-13 21:03 ` Junio C Hamano
2021-05-13 23:26 ` dwh
2021-05-14 8:49 ` Ævar Arnfjörð Bjarmason
2021-05-14 18:10 ` dwh
2021-05-18 5:32 ` Jonathan Nieder
-- strict thread matches above, loose matches on Subject: below --
2021-05-16 20:57 Preserving the ability to have both SHA1 and SHA256 signatures Personal Sam Smith
2021-05-17 3:23 ` Felipe Contreras
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210508022225.GH3986@localhost \
--to=dwh@linuxprogrammer.org \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).