On Wed, 2014-08-20 at 12:38 -0700, Junio C Hamano wrote:
David Turner dtur...@twopensource.com writes:
On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
On Wed, Aug 20, 2014 at 9:56 AM, David Turner dtur...@twopensource.com
wrote:
On Tue, 2014-08-19 at 15:06 -0700, Junio C
If you ignore the clock skew between the pusher and the receiver, then
you are correct,
but otherwise not quite. Also by specifying that as nonce, not
server-timestamp,
the receiving end has a choice in how to generate and use the nonce
value. The only
requirement on the protocol is that the
On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
Reusing the GPG signature check helpers we already have, verify
the signature in receive-pack and give the results to the hooks
via GIT_PUSH_CERT_{SIGNER,KEY,STATUS} environment variables.
Policy decisions, such as accepting or
On Wed, Aug 20, 2014 at 9:56 AM, David Turner dtur...@twopensource.com wrote:
On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
Reusing the GPG signature check helpers we already have, verify
the signature in receive-pack and give the results to the hooks
via
On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
On Wed, Aug 20, 2014 at 9:56 AM, David Turner dtur...@twopensource.com
wrote:
On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
Reusing the GPG signature check helpers we already have, verify
the signature in receive-pack and
David Turner dtur...@twopensource.com writes:
On Wed, 2014-08-20 at 10:29 -0700, Junio C Hamano wrote:
On Wed, Aug 20, 2014 at 9:56 AM, David Turner dtur...@twopensource.com
wrote:
On Tue, 2014-08-19 at 15:06 -0700, Junio C Hamano wrote:
Reusing the GPG signature check helpers we already
Reusing the GPG signature check helpers we already have, verify
the signature in receive-pack and give the results to the hooks
via GIT_PUSH_CERT_{SIGNER,KEY,STATUS} environment variables.
Policy decisions, such as accepting or rejecting a good signature by
a key that is not fully trusted, is
7 matches
Mail list logo