Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, May 08, 2018 at 11:09:22PM +, brian m. carlson wrote: > On Tue, May 08, 2018 at 09:28:14AM -0400, Jeff King wrote: > > OK, so my question then is: what does just-gpgsm support look like? > > > > Do we literally add gpgsm.program? My thought was that taking us the > > first step

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, May 08, 2018 at 09:28:14AM -0400, Jeff King wrote: > OK, so my question then is: what does just-gpgsm support look like? > > Do we literally add gpgsm.program? My thought was that taking us the > first step towards a more generic config scheme would prevent us having > to backtrack later.

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Mon, May 07, 2018 at 11:06:50PM +, brian m. carlson wrote: > I think my main objection to this series is that it is generic in a way > that isn't necessarily useful. We know there are essentially only two > formats of PEM-style signatures: OpenPGP and CMS[0]. Even if there are > more,

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Mon, May 07, 2018 at 05:45:00AM -0400, Jeff King wrote: > Isn't that basically what this patch is, though? Or at least a step in > that direction? For generic signing support, you need: > > 1. A way to tell Git to recognize that a signature exists, and what > type it is. > > 2. A way

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

Jeff King writes: > On Tue, Apr 17, 2018 at 12:12:12AM +, brian m. carlson wrote: > >> > That argues more strongly that we would regret unless we make the >> > end-user configuration to at least the whole string (which later can >> > be promoted to "a pattern that matches the

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 17, 2018 at 12:12:12AM +, brian m. carlson wrote: > > That argues more strongly that we would regret unless we make the > > end-user configuration to at least the whole string (which later can > > be promoted to "a pattern that matches the whole string"), not just > > the part

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 17, 2018 at 12:33 PM, Taylor Blau wrote: > > On Tue, Apr 17, 2018 at 12:08:20PM -0600, Ben Toews wrote: > > On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote: > > > "brian m. carlson" writes: > > > > > >> If we

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 17, 2018 at 12:08:20PM -0600, Ben Toews wrote: > On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote: > > "brian m. carlson" writes: > > > >> If we just want to add gpgsm support, that's fine, but we should be > >> transparent about

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote: > "brian m. carlson" writes: > >> If we just want to add gpgsm support, that's fine, but we should be >> transparent about that fact and try to avoid making an interface which >> is at once

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

"brian m. carlson" writes: > If we just want to add gpgsm support, that's fine, but we should be > transparent about that fact and try to avoid making an interface which > is at once too generic and not generic enough. One thing that makes me somewhat worried is

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Mon, Apr 16, 2018 at 02:05:32PM +0900, Junio C Hamano wrote: > "brian m. carlson" writes: > > > On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote: > >> How confident are we that _all_ possible signing programs will conform > >> to the "-BEGIN

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

"brian m. carlson" writes: > On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote: >> How confident are we that _all_ possible signing programs will conform >> to the "-BEGIN %s-" pattern? If we're not confident, then >> perhaps the user should be

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote: > How confident are we that _all_ possible signing programs will conform > to the "-BEGIN %s-" pattern? If we're not confident, then > perhaps the user should be providing the full string here, not just > the '%s' part? This

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

> diff --git a/gpg-interface.h b/gpg-interface.h > index a5e6517ae6..cee0dfe401 100644 > --- a/gpg-interface.h > +++ b/gpg-interface.h > @@ -23,15 +23,27 @@ struct signature_check { > char *key; > }; > > +struct signing_tool { > + char *name; > + char *program; > + struct

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 10, 2018 at 3:35 AM, Junio C Hamano wrote: > Ben Toews writes: > >> From: Ben Toews >> >> Currently you can only sign commits and tags using "gpg". >> ... >> have asked before on the list about using OpenBSD signify). >>

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Tue, Apr 10, 2018 at 2:24 AM, Eric Sunshine wrote: > On Mon, Apr 9, 2018 at 4:41 PM, Ben Toews wrote: >> [...] >> This patch introduces a set of configuration options for >> defining a "signing tool", of which gpg may be just one. >> With this

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

Ben Toews writes: > From: Ben Toews > > Currently you can only sign commits and tags using "gpg". > ... > have asked before on the list about using OpenBSD signify). > --- Missing sign-off. > -gpg.program:: > - Use this custom program instead of

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

On Mon, Apr 9, 2018 at 4:41 PM, Ben Toews wrote: > [...] > This patch introduces a set of configuration options for > defining a "signing tool", of which gpg may be just one. > With this patch you can: > > - define a new tool "foo" with signingtool.foo.program > > - map

Re: [PATCH 8/8] gpg-interface: handle alternative signature types

Hi Ben, On Mon, Apr 9, 2018 at 1:41 PM, Ben Toews wrote: > From: Ben Toews > > Currently you can only sign commits and tags using "gpg". > You can _almost_ plug in a related tool like "gpgsm" (which > uses S/MIME-style signatures instead of PGP) using >

[PATCH 8/8] gpg-interface: handle alternative signature types

From: Ben Toews Currently you can only sign commits and tags using "gpg". You can _almost_ plug in a related tool like "gpgsm" (which uses S/MIME-style signatures instead of PGP) using gpg.program, as it has command-line compatibility. But there are a few rough edges: 1.