A while ago, there was some discussion about authenticating commits using gnupg signatures (see http://kerneltrap.org/mailarchive/git/2008/1/29/634209). I have searched through all of the branches in the main git repo and I can't see any commits relating to this functionality, so I was wondering if the work had stalled or perhaps not even been started. If that's the case, I'm willing to give it a shot and would welcome some discussion on how to get started.

The posts in the aforementioned thread expand upon the concept beyond mere authentication and into full audit trail territory. It sounds like a significant chunk of work. However, the first logical step (at least to me!) would be to extend git-send-pack and git-receive-pack to sign and verify communications.

git-send-pack could be extended with a '--sign' argument. This should produce a signature generated by passing the 'command' part of the git-send-pack output through to gpg. The rest of the pack need not be signed, as the SHA-1s in the command section are already cryptographically associated with the pack itself.

At the other end, git-receive-pack would need to be invoked in such a way that it knows only to accept signed communications, and where to find a list of public keys that will be used to authenticate the data. It will check that the committer's key is known and that the signature matches the command section generated by send-pack. If the communication is not signed, or the committer is unknown, or it fails verification for any reason, git-receive-pack should die with an appropriate message.

From this starting point, other features (discussed in the aforementioned thread) could eventually be added.

Thoughts/advice/opinions/critique welcome.

--
James
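As an added example (not part of James's mail and not git's own code), the following Python model sketches the receive-pack policy proposed above: sign only the command section, then refuse a push that is unsigned, comes from an unknown key, or whose signature does not match the command bytes actually received. The gpg detached signature is replaced by an HMAC keyed per sender so the script runs offline; the key ids, secrets, ref names and SHA-1 values are constructed, and every function name is an assumption.

```python
"""Toy model of a signed send-pack / receive-pack exchange.

The public-key step (a gpg detached signature over the command section)
is stood in for by an HMAC so the example needs nothing but the standard
library. The receive-side checks are the part worth reading.
"""
import hashlib
import hmac

# Constructed: the receiving side's list of known senders. In the real
# design this would be a keyring of gpg public keys; here each key id maps
# to a shared secret used by the HMAC stand-in.
KNOWN_KEYS = {
    "james@example.invalid": b"constructed-secret-for-james",
}

# Constructed SHA-1 values standing in for real object ids.
OLD_SHA = "0" * 40
NEW_SHA = hashlib.sha1(b"constructed new commit").hexdigest()
OTHER_SHA = hashlib.sha1(b"constructed other commit").hexdigest()


def format_commands(commands):
    """Serialise '<old-sha1> <new-sha1> <refname>' lines the way send-pack
    emits them. These exact bytes are what gets signed; the pack data is not
    signed because the new SHA-1s named here already commit to it."""
    return "".join(f"{old} {new} {ref}\n" for old, new, ref in commands).encode()


def sign_commands(key_id, secret, commands):
    """send-pack side ('--sign'): attach a signature over the command section."""
    payload = format_commands(commands)
    sig = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return {"key_id": key_id, "commands": payload, "signature": sig}


def verify_push(message, known_keys=KNOWN_KEYS):
    """receive-pack side: decide whether to accept the push.

    Returns (accepted, reason). Each rejection mirrors one of the failure
    cases in the proposal: unsigned, unknown committer, bad signature.
    """
    if message.get("signature") is None or message.get("key_id") is None:
        return False, "push is not signed"
    secret = known_keys.get(message["key_id"])
    if secret is None:
        return False, f"unknown key {message['key_id']}"
    # Verify over the raw bytes that were received, never a re-serialisation.
    expected = hmac.new(secret, message["commands"], hashlib.sha256).hexdigest()
    # compare_digest keeps the comparison constant-time.
    if not hmac.compare_digest(expected, message["signature"]):
        return False, "signature does not match command section"
    return True, "ok"


def demo():
    """Run the four cases and return their (accepted, reason) results."""
    cmds = [(OLD_SHA, NEW_SHA, "refs/heads/master")]
    good = sign_commands("james@example.invalid", KNOWN_KEYS["james@example.invalid"], cmds)
    unsigned = dict(good, signature=None)
    unknown = sign_commands("mallory@example.invalid", b"constructed-other-secret", cmds)
    # Same signature, but the command section now points the ref elsewhere.
    tampered = dict(good, commands=format_commands([(OLD_SHA, OTHER_SHA, "refs/heads/master")]))
    return [verify_push(m) for m in (good, unsigned, unknown, tampered)]


if __name__ == "__main__":
    for accepted, reason in demo():
        print("accepted" if accepted else "rejected", "-", reason)
```

Verification is deliberately done over the bytes receive-pack read off the wire; if the command section were parsed and re-emitted before checking, a harmless formatting difference would break verification, and an unnoticed difference would be exactly the kind of substitution the signature exists to catch.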