On 1/13/23 15:21, rsbecker@xxxxxxxxxxxxx wrote:
Signed content will no longer be verifiable. The whole Merkel Tree representing the commit history becomes easily corruptible by hackers
Hi,
As a long time open sourcer and hacker, I'm totally against signing
software. Is the GIT project going to build the new infrastructure for
John-Deers new tractor firmware adventure? It is totally against the
values of open source craftmanship.
I don't think any of you crypto-enthusiasts understand how propritary
companies use signed software to keep their power intact.
That's also an argument for using a non-crypto hash.
--HPS
