From: Paul Jakma <paul@clubi.ie>
To: "David A. Wheeler" <dwheeler@dwheeler.com>
Cc: Linus Torvalds <torvalds@osdl.org>, Sean <seanlkml@sympatico.ca>,
Thomas Glanzmann <sithglan@stud.uni-erlangen.de>,
David Woodhouse <dwmw2@infradead.org>,
Jan Dittmer <jdittmer@ppp0.net>, Greg KH <greg@kroah.com>,
Kernel Mailing List <linux-kernel@vger.kernel.org>,
Git Mailing List <git@vger.kernel.org>
Subject: Re: Git-commits mailing list feed.
Date: Mon, 25 Apr 2005 02:35:45 +0100 (IST) [thread overview]
Message-ID: <Pine.LNX.4.62.0504250212200.14200@sheen.jakma.org> (raw)
In-Reply-To: <426C4168.6030008@dwheeler.com>
On Sun, 24 Apr 2005, David A. Wheeler wrote:
> It may be better to have them as simple detached signatures, which
> are completely separate files (see gpg --detached). Yeah, gpg
> currently implements detached signatures by repeating what gets
> signed, which is unfortunate, but the _idea_ is the right one.
Hmm, what do you mean by "repeating what gets signed"?
> Yes, and see my earlier posting. It'd be easy to store signatures in
> the current objects directory, of course. The trick is to be able
> to go from signed-object to the signature;
Two ways:
1. An index of sigs to signed-object.
(or more generally: objects to referring-objects)
2. Just give people the URI of the signature, let them (or their
tools) follow the 'parent' link to the object of interest
> this could be done just by creating a subdirectory using a variant
> of the name of the signed-object's file, and in that directory
> store the hash values of the signatures. E.G.:
> 00/
> 3b128932189018329839019 <- object to sign
> 3b128932189018329839019.d/
> 0143709289032890234323451
> 01/
> 43709289032890234323451 <- signature
You could hack it in to the namespace somehow I guess. I'm not sure
hacking it in would be a good thing though.
I think it might be more useful just to provide a general index to
lookup 'referring' objects (if git does not already - I dont think it
does, but I dont know enough to know for sure). So you could ask
"which {commit,tag,signature,tree}(s) refer(s) to this object?" -
that general concept will always work. If you wanted to make the
implementation of this index use some kind of sub directory as in the
above, fine..
See also method 2 above. Which would be more efficient for tools if,
within a project, some developers sign their 'updates' and some
dont.. (you never need to check whether there's a signature or not -
you'll know it from the URI automatically).
> There are LOTS of reasons for storing signatures so that they can
> be checked later on, just like there are lots of reasons for
> storing old code... they give you evidence that the reputed history
> is true (and if you doubt it, they give you a way to limit the
> doubt).
Indeed.
Anyway, we shall see what Linus does. :)
(But I do hope at least that signatures are /not/ included inline
using BEGIN PGP.. in the object that is signed.)
regards,
--
Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
Fortune:
To err is human, to purr feline.
To err is human, two curs canine.
To err is human, to moo bovine.
next prev parent reply other threads:[~2005-04-25 1:32 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <200504210422.j3L4Mo8L021495@hera.kernel.org>
[not found] ` <1114079347.6277.29.camel@laptopd505.fenrus.org>
2005-04-21 12:23 ` Git-commits mailing list feed David Woodhouse
[not found] ` <42674724.90005@ppp0.net>
[not found] ` <20050422002922.GB6829@kroah.com>
[not found] ` <426A4669.7080500@ppp0.net>
[not found] ` <1114266083.3419.40.camel@localhost.localdomain>
[not found] ` <426A5BFC.1020507@ppp0.net>
[not found] ` <1114266907.3419.43.camel@localhost.localdomain>
2005-04-23 17:31 ` Linus Torvalds
2005-04-23 17:45 ` Linus Torvalds
2005-04-23 17:50 ` Fabian Franz
2005-04-23 23:16 ` Andreas Gal
2005-04-23 17:50 ` Sean
2005-04-23 19:02 ` Thomas Glanzmann
2005-04-23 18:14 ` Sean
2005-04-23 19:34 ` Linus Torvalds
2005-04-23 17:54 ` Thomas Glanzmann
2005-04-23 18:30 ` Linus Torvalds
2005-04-23 18:06 ` Sean
2005-04-23 19:38 ` Linus Torvalds
2005-04-23 18:44 ` Sean
2005-04-23 19:58 ` Linus Torvalds
2005-04-23 19:57 ` Junio C Hamano
2005-04-23 20:23 ` Linus Torvalds
2005-04-23 20:24 ` Junio C Hamano
2005-04-24 23:25 ` Paul Jakma
2005-04-24 23:57 ` Paul Jakma
2005-04-25 1:01 ` David A. Wheeler
2005-04-25 1:35 ` Paul Jakma [this message]
2005-04-25 2:13 ` David A. Wheeler
2005-04-25 3:03 ` Paul Jakma
2005-04-25 3:08 ` Paul Jakma
2005-04-25 1:50 ` Linus Torvalds
2005-04-25 2:17 ` Fabian Franz
2005-04-25 2:39 ` Andreas Gal
2005-04-25 2:44 ` Linus Torvalds
2005-04-25 3:32 ` David A. Wheeler
2005-04-25 9:31 ` David Greaves
2005-04-25 3:08 ` David A. Wheeler
2005-04-25 3:24 ` Paul Jakma
2005-04-25 3:40 ` Paul Jakma
2005-04-25 3:47 ` Paul Jakma
2005-04-25 4:39 ` [PATCH] New option (-H) for rpush/rpull to update HEAD Andreas Gal
2005-04-25 4:47 ` Daniel Barkalow
2005-04-25 4:55 ` Andreas Gal
2005-04-25 5:18 ` Daniel Barkalow
2005-04-25 2:34 ` Git-commits mailing list feed Matt Domsch
2005-04-25 2:43 ` Jan Harkes
2005-04-23 18:39 ` Thomas Glanzmann
2005-04-23 18:44 ` Thomas Glanzmann
2005-04-23 18:46 ` Jan Harkes
2005-04-23 20:01 ` Linus Torvalds
2005-04-23 18:54 ` Junio C Hamano
2005-04-23 18:34 ` Jan Harkes
2005-04-23 19:30 ` Linus Torvalds
2005-04-23 20:49 ` Jan Harkes
2005-04-23 21:28 ` Git transfer protocols (was: Re: Git-commits mailing list feed) Mike Taht
2005-04-23 22:22 ` Jan Harkes
2005-04-23 23:29 ` Git-commits mailing list feed Linus Torvalds
2005-04-23 19:30 ` Suggestion: generalize signed tags into "assertion objects" David A. Wheeler
2005-04-23 20:15 ` Git-commits mailing list feed Jeff Garzik
2005-04-25 1:26 ` David Woodhouse
[not found] <3WtO4-5GW-5@gated-at.bofh.it>
[not found] ` <3WtXG-5Nh-9@gated-at.bofh.it>
[not found] ` <3WtXG-5Nh-7@gated-at.bofh.it>
[not found] ` <3WwLT-848-13@gated-at.bofh.it>
[not found] ` <3WxeV-5S-9@gated-at.bofh.it>
[not found] ` <3WxHT-pv-1@gated-at.bofh.it>
[not found] ` <3Wyb3-Sj-33@gated-at.bofh.it>
[not found] ` <3WyDZ-1a6-7@gated-at.bofh.it>
[not found] ` <3WYRN-5lJ-9@gated-at.bofh.it>
[not found] ` <3X0gU-6u6-5@gated-at.bofh.it>
[not found] ` <3X1G1-7ug-9@gated-at.bofh.it>
2005-04-25 15:47 ` Bodo Eggert <harvested.in.lkml@posting.7eggert.dyndns.org>
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.62.0504250212200.14200@sheen.jakma.org \
--to=paul@clubi.ie \
--cc=dwheeler@dwheeler.com \
--cc=dwmw2@infradead.org \
--cc=git@vger.kernel.org \
--cc=greg@kroah.com \
--cc=jdittmer@ppp0.net \
--cc=linux-kernel@vger.kernel.org \
--cc=seanlkml@sympatico.ca \
--cc=sithglan@stud.uni-erlangen.de \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).