On Fri, Jun 17, 2022 at 02:00:16PM +0200, Fabian Stelzer wrote: > Konstantin Ryabitsev has done some work in this area especially for kernel > development by using email headers: > https://people.kernel.org/monsieuricon/end-to-end-patch-attestation-with-patatt-and-b4 > https://github.com/mricon/patatt Greg refers specifically to patatt signatures. They aren't really specific to kernel development at all -- they can be used for any patches sent via mail. b4 (the tool used by many maintainers to retrieve patches from lists) will check patatt-style signatures (in addition to DKIM signatures) to help verify that the patches come from trusted sources and aren't someone pretending to be someone else. -K
