On Tue, May 08, 2018 at 11:09:22PM +, brian m. carlson wrote:
> On Tue, May 08, 2018 at 09:28:14AM -0400, Jeff King wrote:
> > OK, so my question then is: what does just-gpgsm support look like?
> >
> > Do we literally add gpgsm.program? My thought was that taking us the
> > first step
On Tue, May 08, 2018 at 09:28:14AM -0400, Jeff King wrote:
> OK, so my question then is: what does just-gpgsm support look like?
>
> Do we literally add gpgsm.program? My thought was that taking us the
> first step towards a more generic config scheme would prevent us having
> to backtrack later.
On Mon, May 07, 2018 at 11:06:50PM +, brian m. carlson wrote:
> I think my main objection to this series is that it is generic in a way
> that isn't necessarily useful. We know there are essentially only two
> formats of PEM-style signatures: OpenPGP and CMS[0]. Even if there are
> more,
On Mon, May 07, 2018 at 05:45:00AM -0400, Jeff King wrote:
> Isn't that basically what this patch is, though? Or at least a step in
> that direction? For generic signing support, you need:
>
> 1. A way to tell Git to recognize that a signature exists, and what
> type it is.
>
> 2. A way
Jeff King writes:
> On Tue, Apr 17, 2018 at 12:12:12AM +, brian m. carlson wrote:
>
>> > That argues more strongly that we would regret unless we make the
>> > end-user configuration to at least the whole string (which later can
>> > be promoted to "a pattern that matches the
On Tue, Apr 17, 2018 at 12:12:12AM +, brian m. carlson wrote:
> > That argues more strongly that we would regret unless we make the
> > end-user configuration to at least the whole string (which later can
> > be promoted to "a pattern that matches the whole string"), not just
> > the part
On Tue, Apr 17, 2018 at 12:33 PM, Taylor Blau wrote:
>
> On Tue, Apr 17, 2018 at 12:08:20PM -0600, Ben Toews wrote:
> > On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote:
> > > "brian m. carlson" writes:
> > >
> > >> If we
On Tue, Apr 17, 2018 at 12:08:20PM -0600, Ben Toews wrote:
> On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote:
> > "brian m. carlson" writes:
> >
> >> If we just want to add gpgsm support, that's fine, but we should be
> >> transparent about
On Mon, Apr 16, 2018 at 7:54 PM, Junio C Hamano wrote:
> "brian m. carlson" writes:
>
>> If we just want to add gpgsm support, that's fine, but we should be
>> transparent about that fact and try to avoid making an interface which
>> is at once
"brian m. carlson" writes:
> If we just want to add gpgsm support, that's fine, but we should be
> transparent about that fact and try to avoid making an interface which
> is at once too generic and not generic enough.
One thing that makes me somewhat worried is
On Mon, Apr 16, 2018 at 02:05:32PM +0900, Junio C Hamano wrote:
> "brian m. carlson" writes:
>
> > On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote:
> >> How confident are we that _all_ possible signing programs will conform
> >> to the "-BEGIN
"brian m. carlson" writes:
> On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote:
>> How confident are we that _all_ possible signing programs will conform
>> to the "-BEGIN %s-" pattern? If we're not confident, then
>> perhaps the user should be
On Tue, Apr 10, 2018 at 04:24:27AM -0400, Eric Sunshine wrote:
> How confident are we that _all_ possible signing programs will conform
> to the "-BEGIN %s-" pattern? If we're not confident, then
> perhaps the user should be providing the full string here, not just
> the '%s' part?
This
> diff --git a/gpg-interface.h b/gpg-interface.h
> index a5e6517ae6..cee0dfe401 100644
> --- a/gpg-interface.h
> +++ b/gpg-interface.h
> @@ -23,15 +23,27 @@ struct signature_check {
> char *key;
> };
>
> +struct signing_tool {
> + char *name;
> + char *program;
> + struct
On Tue, Apr 10, 2018 at 3:35 AM, Junio C Hamano wrote:
> Ben Toews writes:
>
>> From: Ben Toews
>>
>> Currently you can only sign commits and tags using "gpg".
>> ...
>> have asked before on the list about using OpenBSD signify).
>>
On Tue, Apr 10, 2018 at 2:24 AM, Eric Sunshine wrote:
> On Mon, Apr 9, 2018 at 4:41 PM, Ben Toews wrote:
>> [...]
>> This patch introduces a set of configuration options for
>> defining a "signing tool", of which gpg may be just one.
>> With this
Ben Toews writes:
> From: Ben Toews
>
> Currently you can only sign commits and tags using "gpg".
> ...
> have asked before on the list about using OpenBSD signify).
> ---
Missing sign-off.
> -gpg.program::
> - Use this custom program instead of
On Mon, Apr 9, 2018 at 4:41 PM, Ben Toews wrote:
> [...]
> This patch introduces a set of configuration options for
> defining a "signing tool", of which gpg may be just one.
> With this patch you can:
>
> - define a new tool "foo" with signingtool.foo.program
>
> - map
Hi Ben,
On Mon, Apr 9, 2018 at 1:41 PM, Ben Toews wrote:
> From: Ben Toews
>
> Currently you can only sign commits and tags using "gpg".
> You can _almost_ plug in a related tool like "gpgsm" (which
> uses S/MIME-style signatures instead of PGP) using
>
From: Ben Toews
Currently you can only sign commits and tags using "gpg".
You can _almost_ plug in a related tool like "gpgsm" (which
uses S/MIME-style signatures instead of PGP) using
gpg.program, as it has command-line compatibility. But there
are a few rough edges:
1.
20 matches
Mail list logo