From: "Frank Ch. Eigler via Gdb" <gdb@sourceware.org>
To: Overseers mailing list <overseers@sourceware.org>
Cc: Mark Wielaard <mark@klomp.org>,
Jonathan Wakely <jwakely.gcc@gmail.com>,
gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org,
libc-alpha@sourceware.org
Subject: Re: Updated Sourceware infrastructure plans
Date: Mon, 22 Apr 2024 20:48:22 -0400 [thread overview]
Message-ID: <20240423004822.GC4681@redhat.com> (raw)
In-Reply-To: <CAH6eHdSnMtHOdb2WCqR83Km5b_EmuM1Ni12oMjsXU_1u9GA7Nw@mail.gmail.com>
Hi -
> Would it be possible for gitsigur to support signing commits with ssh
> keys as well as gpg? Git supports this, and it's much easier for
> everybody than having to set up gpg. [...]
It would save some effort, but OTOH plenty of people have gpg keys
too, and the common desktop key agents support both.
> We already need an SSH key on sourceware.org to push to Git, so all
> those public keys could be treated as trusted (via git config
> gpg.ssh.allowedSignersFile). [...]
One difference is that gitsigur aims to prevent impersonation, by
tying the recorded committer to a designated set of keys for that
committer. The git builtin ssh-signing gadget doesn't attempt this.
But maybe just a small matter of wrapping might do the job.
Filed https://sourceware.org/bugzilla/show_bug.cgi?id=31670 .
> I'm already signing my GCC commits that way, without needing to use
> gpg or gitsigur:
Great, keep it up! Nothing has been stopping people from signing
their commits any way they like, including even more complex ways like
sigstore. gitsigur verification is not enabled (even in permissive
mode) at all for gcc at this time.
> commit 7c2a9dbcc2c1cb1563774068c59d5e09edc59f06 [r14-10008-g7c2a9dbcc2c1cb]
> Good "git" signature for jwakely@redhat.com with RSA key
> SHA256:8rFaYhDWn09c3vjsYIg2JE9aSpcxzTnCqajoKevrUUo
Thanks, this will help test a prototype later on.
- FChE
prev parent reply other threads:[~2024-04-23 0:51 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-17 23:27 Mark Wielaard
2024-04-18 6:04 ` Thomas Koenig via Gdb
2024-04-18 8:14 ` FX Coudert via Gdb
2024-04-18 9:01 ` Christophe Lyon via Gdb
2024-04-18 11:38 ` Janne Blomqvist via Gdb
2024-04-18 12:01 ` Generated files in libgfortran for Fortran intrinsic procedures (was: Updated Sourceware infrastructure plans) Tobias Burnus
2024-04-18 12:32 ` Martin Uecker via Gdb
2024-04-19 9:35 ` Updated Sourceware infrastructure plans Jonathan Wakely via Gdb
2024-04-18 15:56 ` Joseph Myers via Gdb
2024-04-18 17:37 ` Frank Ch. Eigler via Gdb
2024-04-18 17:54 ` Joseph Myers via Gdb
2024-04-18 18:29 ` Matt Rice via Gdb
2024-04-22 15:39 ` Tom Tromey
2024-04-23 2:55 ` Jason Merrill via Gdb
2024-04-23 3:12 ` Simon Marchi via Gdb
2024-04-23 3:24 ` Tom Tromey
2024-04-23 3:51 ` Jason Merrill via Gdb
2024-04-23 8:56 ` Mark Wielaard
2024-04-23 9:39 ` Richard Earnshaw (lists) via Gdb
2024-04-23 15:08 ` Tom Tromey
2024-04-23 15:25 ` Simon Marchi via Gdb
2024-04-24 8:49 ` Aktemur, Tankut Baris via Gdb
2024-04-23 4:06 ` Ian Lance Taylor
2024-04-23 9:30 ` Richard Earnshaw (lists) via Gdb
2024-04-23 13:51 ` Ian Lance Taylor via Gdb
2024-05-01 19:15 ` Jeff Law via Gdb
2024-05-01 19:38 ` Jonathan Wakely via Gdb
2024-05-01 20:20 ` Mark Wielaard
2024-05-01 20:53 ` Tom Tromey
2024-05-01 21:04 ` Simon Marchi via Gdb
2024-05-02 15:35 ` Pedro Alves
2024-05-02 23:05 ` Fangrui Song
[not found] ` <DS7PR12MB57651DA3A5C22B2847C13580CB182@DS7PR12MB5765.namprd12.prod.outlook.com>
2024-05-07 16:17 ` Joseph Myers via Gdb
2024-05-10 10:43 ` Ben Boeckel via Gdb
2024-05-01 20:04 ` Jason Merrill via Gdb
2024-05-01 21:26 ` Mark Wielaard
2024-05-01 22:01 ` Sergio Durigan Junior via Gdb
2024-05-02 12:54 ` Claudio Bantaloukas via Gdb
2024-05-02 15:33 ` Pedro Alves
2024-05-03 2:59 ` Ian Lance Taylor
2024-05-04 19:56 ` Ben Boeckel via Gdb
2024-05-05 5:22 ` Benson Muite via Gdb
2024-05-06 13:58 ` Ben Boeckel via Gdb
2024-05-07 16:26 ` Joseph Myers via Gdb
2024-05-01 21:38 ` Jeff Law via Gdb
2024-05-02 6:47 ` Richard Biener via Gdb
2024-05-02 11:29 ` Ian Lance Taylor via Gdb
2024-05-02 14:26 ` Simon Marchi via Gdb
2024-05-02 11:45 ` Mark Wielaard
2024-05-01 22:56 ` Tom Tromey
2024-04-23 10:34 ` Florian Weimer via Gdb
2024-04-22 10:01 ` Mark Wielaard
2024-04-22 13:23 ` Joseph Myers via Gdb
2024-04-19 9:33 ` Jonathan Wakely via Gdb
2024-04-22 10:24 ` Mark Wielaard
2024-04-22 11:40 ` Jonathan Wakely via Gdb
2024-04-23 0:48 ` Frank Ch. Eigler via Gdb [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240423004822.GC4681@redhat.com \
--to=gdb@sourceware.org \
--cc=binutils@sourceware.org \
--cc=fche@redhat.com \
--cc=gcc@gcc.gnu.org \
--cc=jwakely.gcc@gmail.com \
--cc=libc-alpha@sourceware.org \
--cc=mark@klomp.org \
--cc=overseers@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox