Re: [PATCH 4/7] pack-protocol.txt: Elaborate on pusher identity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Dave Borowitz <dborowitz@xxxxxxxxxx> writes:

> This is sort of like a standard identity, except that RFC 4880 section
> 4.11 allows any UTF-8 text in the User ID packet. It is trivial to get
> gpg to pass arbitrary text when generating a push cert by setting
> user.signingKey to that arbitrary value (assuming it is an actual user
> ID associated with that key).
>
> Signed-off-by: Dave Borowitz <dborowitz@xxxxxxxxxx>
> ---

I think this is a good idea.  I notice that "nonce" used near-by
also lacks the definition, which we would want to document.

Thanks.

>  Documentation/technical/pack-protocol.txt | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/Documentation/technical/pack-protocol.txt b/Documentation/technical/pack-protocol.txt
> index 2d8b1a1..de3c72c 100644
> --- a/Documentation/technical/pack-protocol.txt
> +++ b/Documentation/technical/pack-protocol.txt
> @@ -494,7 +494,7 @@ references.
>  
>    push-cert         = PKT-LINE("push-cert" NUL capability-list LF)
>  		      PKT-LINE("certificate version 0.1" LF)
> -		      PKT-LINE("pusher" SP ident LF)
> +		      PKT-LINE("pusher" SP push-cert-ident LF)
>  		      PKT-LINE("pushee" SP url LF)
>  		      PKT-LINE("nonce" SP nonce LF)
>  		      PKT-LINE(LF)
> @@ -502,6 +502,8 @@ references.
>  		      *PKT-LINE(gpg-signature-lines LF)
>  		      PKT-LINE("push-cert-end" LF)
>  
> +  push-cert-ident   = 1*(UTF8) SP ["-"] 1*(DIGIT) SP ["-"|"+"] 1*(DIGIT)
> +
>    packfile          = "PACK" 28*(OCTET)
>  ----
>  
> @@ -540,8 +542,14 @@ Note that (unlike other portions of the protocol), all LFs in the
>  Currently, the following header fields are defined:
>  
>  `pusher` ident::
> -	Identify the GPG key in "Human Readable Name <email@address>"
> -	format.
> +	Identity of the GPG key. This is similar to the identify found
> +	elsewhere, such as the author/committer field in commit headers,
> +	in that it consists of a name portion, a timestamp, and a
> +	timezone offset. However, unlike normal git identities, the name
> +	field may be any valid OpenPGP User ID, which is any valid UTF-8
> +	string. (By convention this matches the form:
> +	"Human Readable Name (optional comment) <email@address>"
> +	but this is only a convention.)
>  
>  `pushee` url::
>  	The repository URL (anonymized, if the URL contains
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]