[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [task #4633] GPG-Signed Commits
From: |
Mark D. Baushke |
Subject: |
Re: [task #4633] GPG-Signed Commits |
Date: |
Fri, 23 Sep 2005 14:12:31 -0700 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jim Hyslop <jhyslop@dreampossible.ca> writes:
> Derek Price wrote:
> > Just a quick RFC on how this will integrate into the CVS command line &
> > config. I'm thinking that signing will be off by default, with a simple
> > `-g' global option to enable it.
>
> Sounds reasonable. If and when signed commits become standard practise,
> would we make signing the default, and require a '-g-' to turn it off,
> or will this be the default in perpetuity?
I suspect that the -g switch will want to have a PGP signing key as an
argument. I have no objections to a keyid of '-' meaning no key should
be used. Of course, if the server has configured to ask for one, that
could cause the commit to fail...
> > Since adding -g to a .cvsrc might not be acceptable for users that work
> > with multiple roots, I think this should also be implemented as a method
> > option that can be added to a CVSROOT string
> > <http://ximbiot.com/cvs/wiki/index.php?title=CVS--Concurrent_Versions_System_v1.12.12.1:_The_Repository#The_connection_method>.
>
> What would the option be? In keeping with Mark's later comments, we
> probably don't want 'gpg' in it, so 'gpg-sign' would probably not be the
> best option. I'm thinking 'sign-id=user-id'. On my home system, for
> example, my CVS user ID is 'jim', so I'd have to specify which PGP key
> to use.
>
> Example:
> CVSROOT=:local;sign-id=jhyslop@dreampossible.ca:/cvs
Good point. For commits to the savannah.nongnu.org
repositories, I might want to use a PGP keyid of 0xFCE72F65
where another repository might use a PGP keyid of 0x161913F8.
-- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFDNG+/Cg7APGsDnFERArifAKCYD3G8hZ53NhlpeWeBaLYrFhaDCACfQZQZ
E7N49+wBTY6wP9fRSnB3k8Y=
=e3XX
-----END PGP SIGNATURE-----
- Re: [task #4633] GPG-Signed Commits, (continued)
- Re: [task #4633] GPG-Signed Commits, Sylvain Beucler, 2005/09/21
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/21
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Mark D. Baushke, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Mark D. Baushke, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Jim Hyslop, 2005/09/23
- Re: [task #4633] GPG-Signed Commits,
Mark D. Baushke <=
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/23
- Re: [task #4633] GPG-Signed Commits, Jim Hyslop, 2005/09/24
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/24
- Re: [task #4633] GPG-Signed Commits, Mark D. Baushke, 2005/09/24
- Re: [task #4633] GPG-Signed Commits, Jim Hyslop, 2005/09/21
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/21
- Re: [task #4633] GPG-Signed Commits, Jim Hyslop, 2005/09/21
- Re: [task #4633] GPG-Signed Commits, Derek Price, 2005/09/21
- Re: GPG-Signed Commits and RCS Keyword exploit [long], Jim Hyslop, 2005/09/22
- Re: GPG-Signed Commits and RCS Keyword exploit [long], Derek Price, 2005/09/22