Re: [git patches] libata updates, GPG signed (but see admin notes)
From: Junio C Hamano <hidden>
Date: 2016-06-15 22:52:21
Ted Ts'o [off-list ref] writes:
Suppose the project wasn't Linus, but some other project, say, a ... this, and are good (Kevin Mitnick or better) at social engineering attacks. In this sort of scenario, it's useful if *other* people could independently verify the Troll3 git tree via the crypto signatures, even though the central maintainer couldn't be bothered to check the crypto signatures.
I think we are in total agreement here ;-)
Here's an idea.... what if the "signed push" information could be embedded into the merge commit's description? That is, the information could sent via a signed git tag, or some other mechanism,...
I think you described what the signed-commit series that is cooking in 'next' is about way better than I have done so far ;-) The contributors sign the tips of their histories (which can independently be validated), the integrator pulls and can choose to bother or not to bother the tips s/he obtains, and the integrator signs his/her tip before s/he pushes the integration result out for general consumption.
... The problem with notes and tags is that they have to be pushed separately, and might get lost; where as if they are stored in the merge commit's description, they will always be there.
Exactly.