On Fri, Jul 03, 2015 at 12:24:42PM -0400, NP-Hardass wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On Fri, 3 Jul 2015 11:19:13 -0500
> William Hubbs <willi...@gentoo.org> wrote:
> 
> > On Fri, Jul 03, 2015 at 06:34:41AM +0000, Robin H. Johnson wrote:
> > > On Thu, Jul 02, 2015 at 09:46:18PM -0400, Brian Evans wrote:
> > > > Does this mean that
> > > > https://wiki.gentoo.org/wiki/Gentoo_git_workflow is no longer
> > > > draft or needs work or another document is meant to display the
> > > > new flow?
> > > It does cover most of the things needed.
> > > 
> > > It could use some revision regarding gkeys, and I'd like to also
> > > mandate signed pushes in addition to signed commits.
> > 
> > A push doesn't create any data, it just uploads it to the repo, so how
> > do you sign a push?
> > 
> > William
> > 
> 
> Repoman may need to be adjusted. Git commit has support for a "-S"
> flag which signs the commit.

No, that is different. There are two signing things involved here.
1) git commit -S, i.e. sign the commit in the tree, and git log will show
that signature later.

2) git push -S, this is signing the push itself. The client will sign
everything that it pushes to the server. Then the server can verify that
it was pushed by a dev (which is different from the commit since a dev
might be pushing a commit that was made by a user). The server will save
this push certificate so that it can also be verified later on.

We'll want to have both of these on. It may require some repoman changes
but should not be that much.

-- Jason
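
A server-side check of the push certificate described above, as an added example that is not part of the original thread or of Gentoo's infrastructure. It relies on the `GIT_PUSH_CERT_*` variables git exports to the `pre-receive` hook when the client pushes with `git push --signed` and the server has `receive.certNonceSeed` set. The allow-list path and the function name `push_cert_ok` are hypothetical.

```shell
#!/bin/sh
# pre-receive hook sketch: reject pushes that lack a valid push certificate
# signed by a known developer key.

# Assumption: file of allowed developer key IDs, one per line, in the same
# form git reports in GIT_PUSH_CERT_KEY.
ALLOWED_KEYS=${ALLOWED_KEYS:-/etc/git/dev-keys.txt}

# push_cert_ok STATUS NONCE_STATUS KEY ALLOWED_FILE
# Returns 0 only if the signature is good, the nonce is fresh and the
# signing key is on the allow list. Reasons for rejection go to stderr,
# which git relays to the pushing client.
push_cert_ok() {
    status=$1 nonce=$2 key=$3 allowed=$4
    # G = good signature (same letters as git log's %G? format).
    [ "$status" = "G" ] || {
        echo "push cert: signature status '${status:-none}'" >&2; return 1; }
    # OK = the nonce is the one this server issued, so not a replayed cert.
    [ "$nonce" = "OK" ] || {
        echo "push cert: nonce status '${nonce:-none}'" >&2; return 1; }
    [ -n "$key" ] || {
        echo "push cert: no signing key reported" >&2; return 1; }
    # Whole-line, fixed-string match so a partial key ID never passes.
    grep -Fqx -- "$key" "$allowed" 2>/dev/null || {
        echo "push cert: key $key is not an allowed developer key" >&2
        return 1; }
    return 0
}

# Act as the hook only when installed under the name pre-receive.
case "$0" in
*/pre-receive)
    push_cert_ok "${GIT_PUSH_CERT_STATUS:-}" "${GIT_PUSH_CERT_NONCE_STATUS:-}" \
        "${GIT_PUSH_CERT_KEY:-}" "$ALLOWED_KEYS" || exit 1
    ;;
esac
```

An unsigned push reaches the hook with these variables unset and is rejected by the first check. Commit signatures made with `git commit -S` are a separate check and are not covered here.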
