> The underlying initializing 'git init' commit hash must be
> signed by security officer key having sufficient human PGP-WoT.
>
> Git also supports sha-256 soon now, adoption should
> be researched from various online article series and
> work product before committing plans...
> https://lwn.net/Articles/823352/
> https://git-scm.com/docs/hash-function-transition

For those interested, additional topical from same site...

https://github.com/bk2204/git/tree/transition-stage-4

https://lwn.net/Articles/823352/
Updating the Git protocol for SHA-256

https://lwn.net/Articles/811068/
A new hash algorithm for Git

https://lwn.net/Articles/715716/
Moving Git past SHA-1


https://lwn.net/Articles/813646/
Attestation for kernel patches

https://lwn.net/Articles/821367/
Merkle trees and build systems

https://lwn.net/Articles/663875/
Changes in the TLS certificate ecosystem, part 1

https://lwn.net/Articles/468911/
Sovereign Keys for certificate verification

https://lwn.net/Articles/652580/
Decentralization for the web
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"

Reply via email to