From: Michael J Gruber <git@drmicha.warpmail.net>
To: Todd Zullinger <tmz@pobox.com>
Cc: git@vger.kernel.org, Stephan Hugel <urschrei@gmail.com>,
	Junio C Hamano <gitster@pobox.com>
Subject: Re: [PATCH] tag,verify-tag: do not trip over rfc1991 signatures
Date: Tue, 05 Oct 2010 22:47:33 +0200
Message-ID: <4CAB8EE5.5020405@drmicha.warpmail.net>
In-Reply-To: <20101005204201.GF7629@inocybe.localdomain>

Todd Zullinger venit, vidit, dixit 05.10.2010 22:42:
> Michael J Gruber wrote:
>> Currently, git expects "-----BEGIN PGP SIGNATURE-----" at the beginning of a
>> signature. But gpg uses "MESSAGE" instead of "SIGNATURE" when used with
>> the "rfc1991" option. This leads to git's faling to verify its own
>> signed tags.
>>
>> Be more lenient and take "-----BEGIN PGP " as the indicator.
> 
> Another way to go might be to add --gnupg (or --openpgp) to the gpg
> options used for tagging.  That overrides an option like rfc1991 in
> the gnupg config file.
> 
> Whether that's preferable to accepting these older-style messages is
> debatable.  Using rfc1991 implies pgp-2.x compatibility, which means
> using md5 as the algorithm.  It could be seen as a weakness to accept
> such signatures.

The problem is that we never did this, i.e. we always allowed people to
create such signatures. They never verified, though, even though they
were valid. If that's reason enough to discount the usual compatibility
argument then adding --gnupg would be best.

> (Oh, and you probably saw this already, but s/faling/failing. ;)

:|

Michael
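
Added illustration, not part of the message above and not git's own code: a line-anchored detector that recognizes both armor headers named in the thread and reports which one it found, so a caller can apply either policy under discussion (accept rfc1991-style blocks or refuse them). The function names, the `allow_rfc1991` switch and the sample tag body are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <string.h>

/* Armor header lines named in the thread. */
#define SIG_HEADER_OPENPGP "-----BEGIN PGP SIGNATURE-----"
#define SIG_HEADER_RFC1991 "-----BEGIN PGP MESSAGE-----"

enum sig_kind { SIG_NONE, SIG_OPENPGP, SIG_RFC1991 };

/* Constructed sample: a tag message followed by an rfc1991-style block. */
static const char SAMPLE_TAG[] =
	"release v1\n\n" SIG_HEADER_RFC1991 "\n(armor body elided)\n";

/* True when the line starting at p (n bytes left) is exactly hdr. */
static int line_is(const char *p, size_t n, const char *hdr)
{
	size_t h = strlen(hdr);
	if (n < h || memcmp(p, hdr, h) != 0)
		return 0;
	return n == h || p[h] == '\n' || p[h] == '\r';
}

/* Offset of the first armor header that starts a line, or len if none. */
size_t find_signature(const char *buf, size_t len, enum sig_kind *kind)
{
	size_t off = 0;
	*kind = SIG_NONE;
	while (off < len) {
		const char *eol;
		if (line_is(buf + off, len - off, SIG_HEADER_OPENPGP)) {
			*kind = SIG_OPENPGP;
			return off;
		}
		if (line_is(buf + off, len - off, SIG_HEADER_RFC1991)) {
			*kind = SIG_RFC1991;
			return off;
		}
		eol = memchr(buf + off, '\n', len - off);
		if (!eol)
			break;
		off = (size_t)(eol - buf) + 1;	/* advance to next line start */
	}
	return len;
}

/* Policy hook: rfc1991-style blocks pass only when the caller opts in. */
int signature_acceptable(enum sig_kind kind, int allow_rfc1991)
{
	return kind == SIG_OPENPGP || (kind == SIG_RFC1991 && allow_rfc1991);
}
```

Matching the full header at the start of a line, rather than any occurrence of the prefix, keeps a header string quoted inside the tag message from being mistaken for the signature.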
