Thread (27 messages) 27 messages, 3 authors, 2025-07-14

Re: [PATCH v2 0/6] extract algo information from signatures

From: brian m. carlson <hidden>
Date: 2025-06-02 22:17:20

On 2025-05-26 at 10:33:08, Christian Couder wrote:
Around one month ago, I sent a patch that tried to improve on how `git
fast-export` handled SSH and X.509 commit signatures:

https://lore.kernel.org/git/20250424203904.909777-1-christian.couder@gmail.com/ (local)

This patch was showing a single string for the hash algorithm with the
following possible values:

* "openpgp" for SHA-1 OpenPGP signatures,

* "sha256" for SHA-256 OpenPGP signatures,

* "x509" for X.509 (GPGSM) signatures,

* "ssh", for SSH signatures,

* "unknown" for signatures that can't be identified (a warning is
  emitted).

brian m. carlson however replied that it would be better to show two
pieces of information instead of one: one for the hash algorithm and
one for the protocol.
Actually, what I was saying is that we should have one for the hash
algorithm that is used in the Git object.  I don't care about the hash
algorithm used in OpenPGP, X.509, or OpenSSH (that is, whether it's
signed with SHA-512 or SHA-256), but we can have multiple signatures in
a single commit such that there's both a SHA-1 signature and a SHA-256
signature.
-- 
brian m. carlson (they/them)
Toronto, Ontario, CA

Attachments

Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help