user/dev discussion of public-inbox itself
 help / color / Atom feed
* Attestation signatures in a separate ref
@ 2020-02-07 19:48 Konstantin Ryabitsev
  2020-02-08  0:49 ` Eric Wong
  0 siblings, 1 reply; 2+ messages in thread
From: Konstantin Ryabitsev @ 2020-02-07 19:48 UTC (permalink / raw)
  To: meta

Hello:

While I was working on the minimalist feed stuff [1], it occurred to me 
that even though we may sign each commit, someone would still need to 
clone the entire repository to perform verification. What if instead of 
(or in addition to ) signing each commit in master, we have a separate ref
containing just PGP-signed metadata of each message.

refs/heads/master:m
  From: Foo Foo <foo@example.com>
  To: linux-kernel@vger.kernel.org
  Message-Id: <git-foo-bar@foo-bar.local>
  Date: Fri, 7 Feb 2020 13:43:34 -0500
  Subject: [PATCH] add foo to bar

  We need bar in foo!

  Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
  ---
   foo | 1 +
   1 file changed, 1 insertion(+)

  diff --git a/foo b/foo
  index 257cc56..3bd1f0e 100644
  --- a/foo
  +++ b/foo
  @@ -1 +1,2 @@
   foo
  +bar
  --
  2.24.1

refs/heads/mailinfo:m
  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256

  Message-Id: git-foo-bar@foo-bar.local
  Full-SHA256: 2da2c0088c380f4cc5bf7bfdc75cb02b67ff806b712c42ea325ca33dffa57a7f
  Message-SHA256: 31838769c24277114191c9595fe5ffc619a22f892a23c6812d090d2cac13e1dc
  Patch-SHA256: 3ea940267d098d3e4d87d5475403197006956ea9fcbb9d84f37aa804c6cd8943
  -----BEGIN PGP SIGNATURE-----

  iHUEARYIAB0WIQR2vl2yUnHhSB5njDW2xBzjVmSZbAUCXj22ZAAKCRC2xBzjVmSZ
  ....
  0SJaB7csojQUzZBzX1Ntx9F+OzNy8gY=
  =lvaU
  -----END PGP SIGNATURE-----

Full-SHA256 contains verbatim contents of master:m, while 
Message/Patch-SHA256 contains the "msg" and "patch" output of "git 
mailinfo". Separating it this way would allow someone to verify the 
contents of a message even if it has been modified to remove headers or 
mime-parts, e.g. for the purposes of creating a "git am" friendly mbox 
file.

The alternative is making these notes on the commits, but I believe that 
has important scaling impacts.

What do you think?

-K

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-07 19:48 Attestation signatures in a separate ref Konstantin Ryabitsev
2020-02-08  0:49 ` Eric Wong

user/dev discussion of public-inbox itself

Archives are clonable:
	git clone --mirror https://public-inbox.org/meta
	git clone --mirror http://czquwvybam4bgbro.onion/meta
	git clone --mirror http://hjrcffqmbrq6wope.onion/meta
	git clone --mirror http://ou63pmih66umazou.onion/meta

Example config snippet for mirrors

Newsgroups are available over NNTP:
	nntp://news.public-inbox.org/inbox.comp.mail.public-inbox.meta
	nntp://ou63pmih66umazou.onion/inbox.comp.mail.public-inbox.meta
	nntp://czquwvybam4bgbro.onion/inbox.comp.mail.public-inbox.meta
	nntp://hjrcffqmbrq6wope.onion/inbox.comp.mail.public-inbox.meta
	nntp://news.gmane.io/gmane.mail.public-inbox.general

 note: .onion URLs require Tor: https://www.torproject.org/

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git