-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jim Hyslop <[EMAIL PROTECTED]> writes:
> Derek Robert Price wrote: > > Summary: GPG-Signed Commits > > I put up an editable design document/RFC here: > > <http://ximbiot.com/cvs/wiki/index.php?title=GPG-Signed_Commits>. > > The most recent public thread on this topic is here: > > <http://lists.gnu.org/archive/html/info-cvs/2005-08/msg00221.html>. > > One thing I didn't see in the discussion (maybe I missed it) is: why > is this feature desirable? What are the benefits of it? (I have some > ideas, but I'm going to play dumb here [smart remarks > /dev/null] :=) This feature was first suggested when one of the CVS repositories for an open source software project was found to have been compromised. It was not clear if any of the files on the system were intact or had been maliciously modified. It took a lot of work to validate that the files looked okay. So, the GPG-Signed commits feature will try to address the problem of not being able to trust the sources checked out from a possibly subverted CVS server machine. It may not be possible to know with certainty if a subverted machine could have caused tampering to occur with the sources in the repository. If one does not know if sources have been tampered with, then it is non-trivial to make a new release of a software package and know that no undesirable changes might have been made to parts of the source without an extensive audit of all of the changes going into the release. -- Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQFDIfraCg7APGsDnFERAqFsAKCwyn9MFnmv0JpwS1jusqg1Dqmj4QCgpLE9 OQdjluGatj8iGk+SzCwPKb8= =cCAw -----END PGP SIGNATURE----- _______________________________________________ Bug-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/bug-cvs
