From: Junio C Hamano <gitster@pobox.com>
To: Marco Sirabella <marco@sirabella.org>
Cc: git@vger.kernel.org
Subject: Re: [PATCH] gpg-interface: Look up signing keys with only email address
Date: Mon, 04 Mar 2024 21:20:43 -0800 [thread overview]
Message-ID: <xmqqy1ax5k5w.fsf@gitster.g> (raw)
In-Reply-To: <20240305020815.2980-1-marco@sirabella.org> (Marco Sirabella's message of "Mon, 4 Mar 2024 18:08:15 -0800")
Marco Sirabella <marco@sirabella.org> writes:
> Sometimes gpg signing key UIDs include a comment between the name and
> parenthesis in the form of:
>
> John Smith (example) jsmith@example.com
>
> There's no way for git to find signing keys associated with just these
> UIDs, so look up a partial match on the email only.
This codepath is about finding the key for the current user who is
in control of what committer is found by the git_committer_info()
call, no? It is not like we are finding the key that corresponds to
a random name and e-mail address on "From:" line, right?
Assuming that it is the case, it is unclear where the claim "There's
no way for git to find" comes from. It isn't a statement that is so
obviously true, at least to me, without some explanation.
> - return git_committer_info(IDENT_STRICT | IDENT_NO_DATE);
> + return git_committer_info(IDENT_NO_NAME | IDENT_STRICT | IDENT_NO_DATE);
With this change, those who use more than one identities associated
with the same e-mail address, but different human-readable names,
will get their workflow broken, won't they?
They may be using "Will <a@dd.re.ss>" when they work on a project,
while using "Bill <a@dd.re.ss>" for another project, configured via
their .git/config in the repositories used for these two projects.
And each name+address combination they have may map to a distinct
GPG key, used to sign for each project. With this change, since the
call no longer returns the name they were using to differentiate the
two keys, one of the projects they manage would lose out, no?
In general, there may be more than one signing keys that correspond
to a given human user, and the user may choose a specific key based
on what project the signatures are made for, and in such a case,
with or without the proposed change, the fallback code based on the
git_committer_info() is an unreliable way to specify the key to be
used, especially for an action as important as cryptographic
signing. I have always assumed that people use something like this
in practice:
$ git config user.signingkey = 955980DA!
that can be used to more reliably identify a specific key in their
keyring, among the ones associated with similar identifiers meant
for human consumption such as name/e-mail pairs.
So, I am not convinced that the patch is trying to address the right
problem, and I have a mild suspicion that the proposed solution to
tweak NO_NAME may simply be robbing Peter to pay Paul. If you have
named your GPG key in your keyring with a name-email pair that is
different from how you configured your committer identity, the right
solution for such a case already exists in the form of user.signingkey
configuration variable already.
Thanks.
next prev parent reply other threads:[~2024-03-05 5:20 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-05 2:08 [PATCH] gpg-interface: Look up signing keys with only email address Marco Sirabella
2024-03-05 5:20 ` Junio C Hamano [this message]
2024-03-05 7:53 ` Marco Sirabella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqy1ax5k5w.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=marco@sirabella.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox