On Fri, Jun 17, 2022 at 08:12:12AM -0400, Konstantin Ryabitsev wrote: > On Fri, Jun 17, 2022 at 02:00:16PM +0200, Fabian Stelzer wrote: > > Konstantin Ryabitsev has done some work in this area especially for kernel > > development by using email headers: > > https://people.kernel.org/monsieuricon/end-to-end-patch-attestation-with-patatt-and-b4 > > https://github.com/mricon/patatt > > Greg refers specifically to patatt signatures. They aren't really specific to > kernel development at all -- they can be used for any patches sent via mail. > > b4 (the tool used by many maintainers to retrieve patches from lists) will > check patatt-style signatures (in addition to DKIM signatures) to help verify > that the patches come from trusted sources and aren't someone pretending to be > someone else. Yes, I was referring to patatt here, as linked by Konstantin's blog post above. It's part of the b4 tool (well, a git subproject in it), real link is at: https://git.kernel.org/pub/scm/utils/patatt/patatt.git thanks, greg k-h
