From: David Woodhouse
Subject: Re: [git patches] libata updates, GPG signed (but see admin notes)
Date: Thu, 10 Nov 2011 13:51:58 +0000
Message-ID: <1320933118.17392.23.camel@i7.infradead.org>
References: <7vwrbjlj5r.fsf@alter.siamese.dyndns.org> <7vk47jld5s.fsf@alter.siamese.dyndns.org> <20111103032205.GA25888@pompeji.miese-zwerge.org>
To: Linus Torvalds
Cc: Jochen Striepe, Shawn Pearce, Junio C Hamano, git@vger.kernel.org, James Bottomley, Jeff Garzik, Andrew Morton, linux-ide@vger.kernel.org, LKML

On Wed, 2011-11-02 at 21:13 -0700, Linus Torvalds wrote:
> No, my main objection to saving the data is that it's ugly and it's
> redundant. Sure, in practice you can check the signatures later fine
> (with the rare exceptions you mention), but even when you can do it,
> what's the big upside?

Another objection (although it may not be insurmountable) is that it's not necessarily *entirely* clear what's being signed.

In the simple case where I clone your tree, make a few commits with my Signed-off-by:, sign a tag and then ask you to pull, that's easy enough. I'm vouching for what I committed, and not for everything that was in your tree beforehand.

But what if I'm working on top of someone else's published git tree? Does a signed tag at the top of *my* work imply that I'm vouching for all of theirs too?

In the case where the signature is ephemeral and only used for you to trust my pull request, the answer is simple: If that other work wasn't in your tree yet at the time I send my pull request, I'd damn well better be vouching for it when I ask you to pull it. Nothing new there.

But if we're keeping signatures around for auditing purposes, we'd better have a coherent answer to that question. One that isn't "a signature covers everything since the last commit with torvalds@ as the committer", if we want it to be useful for the general case.

-- 
dwmw2
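
The scope question in the message above, made concrete on a small constructed commit graph (an added example, not part of the original message; the commit ids and the "third-party" committer are made up). It compares what a pull of the signed tag brings in at two states of the mainline with the committer-based rule quoted in the message.

```python
# Constructed history (not from the thread): id -> (parents, committer).
# L* = mainline, T* = a third party's published tree, D* = the tag signer's work.
HISTORY = {
    "L1": ((), "torvalds"),
    "L2": (("L1",), "torvalds"),
    "T1": (("L2",), "third-party"),
    "T2": (("T1",), "third-party"),
    "D1": (("T2",), "dwmw2"),
    "D2": (("D1",), "dwmw2"),          # the signed tag points here
    "M":  (("L2", "T2"), "torvalds"),  # mainline later merges the third-party tree
}

def reachable(tip):
    """All commits reachable from tip, tip included."""
    seen, stack = set(), [tip]
    while stack:
        c = stack.pop()
        if c not in seen:
            seen.add(c)
            stack.extend(HISTORY[c][0])
    return seen

def new_to_puller(tag, mainline_tip):
    """What a pull of `tag` brings in: same set as `git rev-list tag ^mainline_tip`."""
    return reachable(tag) - reachable(mainline_tip)

def since_committer(tag, committer):
    """Committer-based rule: walk back from tag, stopping at commits by `committer`."""
    seen, stack = set(), [tag]
    while stack:
        c = stack.pop()
        if c in seen or HISTORY[c][1] == committer:
            continue
        seen.add(c)
        stack.extend(HISTORY[c][0])
    return seen

def committed_by(commits, committer):
    """Subset of `commits` whose committer field is `committer`."""
    return {c for c in commits if HISTORY[c][1] == committer}

if __name__ == "__main__":
    for tip in ("L2", "M"):
        pulled = new_to_puller("D2", tip)
        print(f"mainline at {tip}: pull brings in {sorted(pulled)}, "
              f"signer committed {sorted(committed_by(pulled, 'dwmw2'))}")
    print("committer rule covers", sorted(since_committer("D2", "torvalds")))
```

The set a pull brings in shrinks once the mainline has merged the third-party tree, while the committer-based rule returns the same four commits either way, two of which the signer did not commit.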