Hi,

> signing process [...] guarantees [...] "these are the official commits [...]"
> [...] it helps against rogue clones [...] claiming to be the real.

Two histories already differ by their commit hashes - regardless of signatures. Git's content hashing already detects rogue or modified histories without authentication.

> And it helps against downgrade attacks, since the signatures authenticate the
> order of commits.

In Git, a commit can only have the same hash if both its content and its parent(s) match. That means the commit order is already cryptographically enforced - no need to authenticate any frozenpigs :-)

Cheers,
Bost
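
Added example, not part of the original message: a Python sketch that computes Git (SHA-1) object ids by hand to show that a commit id covers its parent ids, so the same change placed at a different position in history gets a different id. The file name, identity, timestamp and commit messages are constructed for illustration.

```python
import hashlib

def object_id(kind, body):
    """Git object id: SHA-1 over '<kind> <size>' + NUL + body."""
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def tree_id(filename, content):
    """Id of a tree that holds one regular file (mode 100644)."""
    blob = bytes.fromhex(object_id("blob", content))
    return object_id("tree", f"100644 {filename}\0".encode() + blob)

# Constructed identity and timestamp, kept identical for every commit so
# that only the tree and the parent ids vary between histories.
WHO = "Example Dev <dev@example.org> 1700000000 +0000"

def commit_id(tree, parents, message):
    """Id of a commit object; the parent ids are part of the hashed body."""
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {WHO}", f"committer {WHO}", "", message]
    return object_id("commit", ("\n".join(lines) + "\n").encode())

def build_history(changes):
    """changes: list of (file content, message). Returns commit ids in order."""
    ids = []
    for content, message in changes:
        tree = tree_id("file.txt", content)   # constructed file name
        ids.append(commit_id(tree, ids[-1:], message))
    return ids

# Constructed sample changes.
A = (b"v1\n", "add v1")
B = (b"v2\n", "update to v2")
C = (b"v3\n", "update to v3")

original = build_history([A, B, C])
reordered = build_history([A, C, B])   # same changes, different order
truncated = build_history([A, B])      # same history, stopped one commit early

if __name__ == "__main__":
    print("original :", original)
    print("reordered:", reordered)
    # C on top of A is not the same commit as C on top of B.
    print("C differs by parent:", reordered[1] != original[2])
    # An older tip is a prefix with unchanged ids; only comparing the tip
    # against a commit id known from elsewhere shows it is not the latest.
    print("truncated is a prefix:", truncated == original[:2])
```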
