If you ignore the clock skew between the pusher and the receiver, then
you are correct,
but otherwise not quite. Also by specifying that as , not
,
the receiving end has a choice in how to generate and use the nonce
value. The only
requirement on the protocol is that the pusher must parrot it lite
On Wed, 2014-08-20 at 12:38 -0700, Junio C Hamano wrote:
> David Turner writes:
>
> > On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
> >> On Wed, Aug 20, 2014 at 9:56 AM, David Turner
> >> wrote:
> >> > On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
> >> >> Reusing the GPG s
David Turner writes:
> On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
>> On Wed, Aug 20, 2014 at 9:56 AM, David Turner
>> wrote:
>> > On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
>> >> Reusing the GPG signature check helpers we already have, verify
>> >> the signature in r
On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
> On Wed, Aug 20, 2014 at 9:56 AM, David Turner
> wrote:
> > On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
> >> Reusing the GPG signature check helpers we already have, verify
> >> the signature in receive-pack and give the resul
On Wed, Aug 20, 2014 at 9:56 AM, David Turner wrote:
> On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
>> Reusing the GPG signature check helpers we already have, verify
>> the signature in receive-pack and give the results to the hooks
>> via GIT_PUSH_CERT_{SIGNER,KEY,STATUS} environment
On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
> Reusing the GPG signature check helpers we already have, verify
> the signature in receive-pack and give the results to the hooks
> via GIT_PUSH_CERT_{SIGNER,KEY,STATUS} environment variables.
>
> Policy decisions, such as accepting or rej
Reusing the GPG signature check helpers we already have, verify
the signature in receive-pack and give the results to the hooks
via GIT_PUSH_CERT_{SIGNER,KEY,STATUS} environment variables.
Policy decisions, such as accepting or rejecting a good signature by
a key that is not fully trusted, is left
7 matches
Mail list logo
