Re: [PATCH 1/2] Documentation/technical: signature formats

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Junio C Hamano schrieb am 22.10.2014 um 21:02:
> Michael J Gruber <git@xxxxxxxxxxxxxxxxxxxx> writes:
> 
>> Various formats for storing signatures have accumulated by now.
>> Document them to keep track (and maybe avoid yet another one).
> 
> I haven't looked at the description closely, but it is a good thing
> to describe signature in a tag and in a commit in detail, which we
> failed to do so far.
> 
> The principle is essentially the same between the signature on a tag
> and on a commit: a detached PGP signature over the remainder of the
> object data is created, and then the signature is inserted into an
> appropriate place in the resulting object.  That "appropriate place"
> is influenced by the type and nature of the object.

Yes, the detached signature can't easily be appended to a commit object
the way it follows a tag object. Conversely, signed tag could easily
look like signed commits do (sig in header), but that would require a
migration procedure.

> A mergetag is not fundamentally a "signature" in the above sense,
> though.  It is just a dump of the object content in a regular object
> header field (hence indented by one SP), and its contents having PGP
> SIGNATURE is merely a natural consequence of the object recorded
> being a signed tag.  So the description of it in the same place as
> description for signed tags and signed commits feels a little bit
> out of place, but I do not think of a better place to describe it.

I guess referencing the tag object (like other objects do) rather than
embedding it would have had its merits, but that is beating up a dead
horse. On the other hand, we could migrate to "mergetag sha1" rather
than "mergetag object foo" which is easily distinguished, but only
embedded objects are "safe" against non-aware gits.

> Thanks.

Thanks, Jakub and Junio.

I will correct the wording for the multiline header and put the mergetag
last to make it clearer that it's related but different.

Michael
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]