Re: [PATCH] tag,verify-tag: do not trip over rfc1991 signatures

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Michael J Gruber wrote:
> Currently, git expects "-----BEGIN PGP SIGNATURE-----" at the beginning of a
> signature. But gpg uses "MESSAGE" instead of "SIGNATURE" when used with
> the "rfc1991" option. This leads to git's faling to verify it's own
> signed tags.
>
> Be more lenient and take "-----BEGIN PGP " as the indicator.

Another way to go might be to add --gnupg (or --openpgp) to the gpg
options used for tagging.  That overrides an option like rfc1991 in
the gnupg config file.

Whether that's preferable to accepting these older-style messages is
debatable.  Using rfc1991 implies pgp-2.x compatibility, which means
using md5 as the algorithm.  It could be seen as a weakness to accept
such signatures.

(Oh, and you probably saw this already, but s/faling/failing. ;)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The best cure for insomnia is to get a lot of sleep.
    -- W.C. Fields

Attachment: pgp0WfkRKNu_g.pgp
Description: PGP signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]