On September 9, 2021 3:26 PM, Steffen Nurpmeso wrote:
>To: Randall S. Becker <rsbecker@xxxxxxxxxxxxx>
>Cc: 'Benjamin Kaduk' <bkaduk@xxxxxxxxxx>; openssl-users@xxxxxxxxxxx
>Subject: Re: Congratulations! Missing 3.0.0 tag?
>
>Randall S. Becker wrote in
> <012201d7a590$56df08d0$049d1a70$@nexbridge.com>:
> |On September 9, 2021 6:56 AM, Steffen Nurpmeso wrote:
> |>Benjamin Kaduk wrote in
> |> <20210908233639.GY19992@xxxxxxxxxx>:
> |>|On Thu, Sep 09, 2021 at 01:03:28AM +0200, Steffen Nurpmeso wrote:
> ...
> |>|I think (off the top of my head, i.e., without consulting a reference)
> |>|that `git log` (which your aliases end up at) will only display
> |>|signatures on commits, but will not show the tag objects themselves.
> |>|`git show` does display the tag object, and for openssl only the tag
> |>|object is what is signed; the commits themselves are not signed.
> |>
> |>I see. That is a logical one, thanks for the explanation.
> ...
> |$ git tag --verify openssl-3.0.0
>
>Yes yes, ok! But like I said, wouldn't it be nice if at least
>release commits would be signed also, a.k.a./or when a new branch
>is created?
>In Linux for example the merge commits to the master branch are
>signed, in addition to the tags of the actual releases.
>It may even be a deja vu and I may have clamoured in the past.

Strictly speaking, the signature on a tag is considered immutable and transitively applies the signature to the commit (it does not really, but the effect is the same). The signature on a tag becomes invalid if the underlying commit, or the parents of that commit in git's Merkle tree, change, so it is quite a strong signature. AFAIK, adding a signature to the commit itself does not really improve the strength of the signing (much), unless one implements a multi-signature structure - like the commit and signatures on three tags on the same commit.

You have then implemented a three-signature authority, which basically is a Blockchain-style authority (not quite - I used "-style"), provided that you do trust the signers. I think the word for that is "overkill" 😉, but maybe not in the case of OpenSSL.

-Randall
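The transitive-binding argument above (a signature on the tag object covers the commit id it names, which in turn covers the tree and every parent) can be made concrete by rebuilding git's object model by hand. The following is an added example written for this page; it is not code from the thread or from OpenSSL. It computes real git object ids (SHA-1 over "<type> <size>\0" plus the content, as in a SHA-1 repository) for a constructed three-commit history and a tag body laid out the way git lays out an annotated tag. The signing step is an assumption for illustration: an HMAC under a constructed key stands in for the detached OpenPGP signature that `git tag -s` would append, since only the binding property matters here.

```python
"""Added example: why a signature on a tag object covers the whole history below it.

Git object ids are exactly as git computes them for SHA-1 repositories.
The 'signature' is an HMAC stand-in for the OpenPGP signature git appends to
the tag body; the history, tree id and key are constructed for this example.
"""
import hashlib
import hmac

# git's well-known id of the empty tree (sha1 of "tree 0\0"); used as the tree of every commit.
TREE_ID = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"
# Constructed key: stands in for the tagger's private key (assumption, not real material).
SIGNING_KEY = b"stand-in-for-tagger-private-key"
IDENT = "A U Thor <author@example.com> 1631000000 +0000"  # constructed author/tagger line


def git_object_id(obj_type, content):
    """Object id as git computes it: SHA-1 over '<type> <len>\\0' + content."""
    header = f"{obj_type} {len(content)}\0".encode()
    return hashlib.sha1(header + content).hexdigest()


def commit_object(tree, parents, message):
    """Serialised commit object: tree, parent lines, author, committer, blank line, message."""
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {IDENT}", f"committer {IDENT}"]
    return ("\n".join(lines) + "\n\n" + message + "\n").encode()


def tag_body(target_commit, name, message):
    """Unsigned part of an annotated tag object; this is the byte string git signs."""
    return (
        f"object {target_commit}\ntype commit\ntag {name}\n"
        f"tagger {IDENT}\n\n{message}\n"
    ).encode()


def sign(body):
    """Stand-in for the OpenPGP signature over the tag body (HMAC, constructed key)."""
    return hmac.new(SIGNING_KEY, body, hashlib.sha256).hexdigest().encode()


def verify(body, sig):
    return hmac.compare_digest(sign(body), sig)


def build_history(messages):
    """Linear chain of commits; each commit's sole parent is the previous one. Oldest first."""
    ids = []
    for msg in messages:
        ids.append(git_object_id("commit", commit_object(TREE_ID, ids[-1:], msg)))
    return ids


def signed_release(messages, tag_name):
    """Build the history, point a tag at its tip and sign the tag body."""
    ids = build_history(messages)
    body = tag_body(ids[-1], tag_name, f"release {tag_name}")
    return ids, body, sign(body)


def tag_still_verifies(original_sig, messages, tag_name):
    """Rebuild the tag body from a (possibly altered) history and check the original signature.

    Any change to any commit below the tag changes that commit's id, hence every
    descendant's parent line, hence the tip id named in the tag body, so the
    signature no longer verifies even though no commit carries a signature of its own.
    """
    ids = build_history(messages)
    body = tag_body(ids[-1], tag_name, f"release {tag_name}")
    return verify(body, original_sig)


if __name__ == "__main__":
    history = ["initial import", "add feature", "prepare 3.0.0"]
    ids, body, sig = signed_release(history, "openssl-3.0.0")
    print("tag body names tip commit:", ids[-1])
    print("untouched history verifies:", tag_still_verifies(sig, history, "openssl-3.0.0"))
    tampered = ["initial import (rewritten)", "add feature", "prepare 3.0.0"]
    print("oldest commit rewritten:", tag_still_verifies(sig, tampered, "openssl-3.0.0"))
```

Rewriting the oldest commit, which the tag never names directly, still breaks verification, because its new id propagates through every parent line up to the tip id inside the signed tag body. That is the property Randall describes; what it does not give you is a statement by the committer about an individual commit, which is what per-commit signatures (the Linux merge-commit practice mentioned in the quoted text) add.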