Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp1754696ybg; Sat, 19 Oct 2019 01:48:53 -0700 (PDT) X-Google-Smtp-Source: APXvYqxL6yNK8Hwe6FJLm8RHzOaYbFQSeppy59Tmh2frbLidD3z/ibmkyDWv7Rl44kgUA4iUPINU X-Received: by 2002:a17:906:1f44:: with SMTP id d4mr12369188ejk.16.1571474933226; Sat, 19 Oct 2019 01:48:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571474933; cv=none; d=google.com; s=arc-20160816; b=mKIH/nuBTdFUrShb26uyaCMUotmrkYmUtIP4G5XG9gWQZ0uggaLcpbdH/IYKBrJDAw plC3Ef8AlqcTvqPps4gTGAUTXfwN7Yz+AA2PzxDnbYeMieT6du5oVrcCH6v3Mkah7nxh 9Fzn+fp2wB8rbmT8qeMpBj257L9kNmgLofDirMqtrrY580g8MmgqbGMPT8ZPm1lhZjLX 4WP1WCN5R3++aN/t0aSJQeF2wq2lV3UsxSCUHv9EWg9GSObUnaZOjaqwS+biIIz4akBA guIvbcIJsaGmrNzsZJlRGS/GtfGYtFPJxrJISUHfSD6xLHbjksO0ON2S5xGLSofau/+J rZdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-signature; bh=9+xKMFbQNKCSpvT83DA5CHZgUvR/cH/zTVpq6JGVS1o=; b=IJHfI8Y9l1X3KlNwezOGgFJGfO2+ifiV3fUvC5xmpzcDfbmV1gimXVWhQsosfZc6/I Y6xz9lCpHLKSY5UPscQV+FexTDZy6wYjZGEnVczK1mt45MsoXIqPUCbpK0ZGHm/YFQrc kEPZ3/REawGz2IkEeYMyV2zFGIhEtcKDtl3bj9DhChzWeza17lYS+A3FOpRXlYUMeHpM w0YdLguwbZ+Nn5bEldy/vmehx6OKQFxUI2vS/vFMon3/c+O9/TNcNO1bz34Vqo0Damvc DDdO9r+q5P+t2PcJ7XJE1HEw7mOghUS1RppHRrd3FOtRHvACuLrbjT/lCQWqo/QgymSy 2pGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@nyu.edu header.s=20180315 header.b=spxn9D7b; dkim=pass header.i=@nyu-edu.20150623.gappssmtp.com header.s=20150623 header.b=LM4UQekB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nyu.edu Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id ck10si4848581ejb.181.2019.10.19.01.48.29; Sat, 19 Oct 2019 01:48:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@nyu.edu header.s=20180315 header.b=spxn9D7b; dkim=pass header.i=@nyu-edu.20150623.gappssmtp.com header.s=20150623 header.b=LM4UQekB; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nyu.edu Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2502866AbfJRQtR (ORCPT + 99 others); Fri, 18 Oct 2019 12:49:17 -0400 Received: from mx0b-00256a01.pphosted.com ([67.231.153.242]:48992 "EHLO mx0b-00256a01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2502817AbfJRQtP (ORCPT ); Fri, 18 Oct 2019 12:49:15 -0400 X-Greylist: delayed 3504 seconds by postgrey-1.27 at vger.kernel.org; Fri, 18 Oct 2019 12:49:14 EDT Received: from pps.filterd (m0144081.ppops.net [127.0.0.1]) by mx0b-00256a01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x9IFl3n0092797 for ; Fri, 18 Oct 2019 11:50:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nyu.edu; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=20180315; bh=9+xKMFbQNKCSpvT83DA5CHZgUvR/cH/zTVpq6JGVS1o=; b=spxn9D7bZ2ZkuS36M1QuEIsG2+hs1cRYg84wWUOvCTYqRKQUT5CIFCFnli/L1OFmvJ8d K47PQNQey75haJs+RnBxsphJvgKhfEbldOom8OSrbQQQ6irI4wdrItZ4M0461/vhN2Vc N71M3ptUxK1TIGJ5V6djXG/A7uWoNtnA9ydQwHmM5P0tb6bjb8Trr0J6hPDVNg3CmV03 34roV/niOhOCj3OMvLMPCCsduqgiK+WK83d99zl6hv8dFQQQlaIkuCadC9itY4IMzA+k S3m6WHyKec/O4YAZd5SLutYyULmmgrege2tj33bI/BJCvs9qK6yWQ3QBzsxih1ZnvdMN 9g== Received: from mail-qk1-f199.google.com (mail-qk1-f199.google.com [209.85.222.199]) by mx0b-00256a01.pphosted.com with ESMTP id 2vnp4qxdnf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Fri, 18 Oct 2019 11:50:50 -0400 Received: by mail-qk1-f199.google.com with SMTP id m28so5515501qkm.10 for ; Fri, 18 Oct 2019 08:50:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nyu-edu.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=9+xKMFbQNKCSpvT83DA5CHZgUvR/cH/zTVpq6JGVS1o=; b=LM4UQekBQG9od3pTS1IYpOjYyXl7i3cTuXocPTIy6SUaXnn1klN2wgcB4JNLEzeC5d ZdqF0litBipOBBMml6FfIiMcPpte9/Q/gnlVL+jcJUmMf5WHFdUbgv2xanFRPr2G6jmj 6Hd5FsUJFRhyHSNMQD7IhbkqfbaWDITSsHOcoavx15c2DbjUKYMXa/rUNxGscXDaZ7xt ijVMBr3vVc6ET4L4Q9aEmodHCTTJIzXSlylV6AMqBXHdzE1nRps1K6yaDQESc5lou8PQ r3NRdRaNr8oX9hCFbgJdKv53bYEOYvU0Vi7y/A3BSB+x/t8bC5A+jImTwpJhBo7tiQec CgFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=9+xKMFbQNKCSpvT83DA5CHZgUvR/cH/zTVpq6JGVS1o=; b=dnHXVf3bBKChZcjnNkVZiMTdRbryJ7Hcw7HE5KtrTncf+z3e6TYwz1xumBrsY5imfI EMj6zPCbe5exaKhXHOlu15PXeFvI2RF1WNpmV6CJENmOl56Rat4+3jtA1K3xK3CQPbij 6xiRNwv+WF2Zh/biy62pq0siFNQXGRgAqv7rmFjD1tZDUTMqZRZpoXPxPlU4jlltKoyR Om+VWEDm9hifwRAKdvYhh1bUV0TRG6FKMiOysjUxyMqOrP+VY63hZ4tRbuwOuhTSsnM7 Yixs1vSQXmvyT2mUAEn59+8n12b+UCW+kMDObb3roZurZZKuKQ5V8+RIZNyGOfEjBfKO 4zcw== X-Gm-Message-State: APjAAAUcnG8d8FR4Ug4ant2hwcgq/BNQ5Bndunt6hI1eFFllZTEMRB5h pESwkUFqgKRoDx2jN4w9Dt0irxJHT0LvgILx322ZAScPd61SwwCs9kfi8ForfnVyAcZ/GFS8Vw2 //g8VCba7anvkjNeQyP88+FU= X-Received: by 2002:ac8:748c:: with SMTP id v12mr10106107qtq.318.1571413849718; Fri, 18 Oct 2019 08:50:49 -0700 (PDT) X-Received: by 2002:ac8:748c:: with SMTP id v12mr10106083qtq.318.1571413849463; Fri, 18 Oct 2019 08:50:49 -0700 (PDT) Received: from LykOS.localdomain (216-165-95-130.natpool.nyu.edu. [216.165.95.130]) by smtp.gmail.com with ESMTPSA id 54sm4236459qts.75.2019.10.18.08.50.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 18 Oct 2019 08:50:48 -0700 (PDT) Date: Fri, 18 Oct 2019 11:50:48 -0400 From: Santiago Torres Arias To: Nicolas Belouin Cc: Willy Tarreau , Greg KH , Vegard Nossum , workflows@vger.kernel.org, Git Mailing List , LKML , Eric Wong Subject: Re: email as a bona fide git transport Message-ID: <20191018155047.id6r57komlejatvh@LykOS.localdomain> References: <20191016111009.GE13154@1wt.eu> <20191016144517.giwip4yuaxtcd64g@LykOS.localdomain> <20191017204343.GA1132188@kroah.com> <20191017204532.GA6446@chatter.i7.local> <20191018013029.GA1167832@kroah.com> <20191018015447.GB6446@chatter.i7.local> <20191018025215.GA15777@1wt.eu> <4ea21178-0cac-e958-7c69-ad5b4a74e6b5@gandi.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="yq6u5evjdh75pppc" Content-Disposition: inline In-Reply-To: <4ea21178-0cac-e958-7c69-ad5b4a74e6b5@gandi.net> X-Orig-IP: 209.85.222.199 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 spamscore=0 bulkscore=0 clxscore=1015 lowpriorityscore=0 suspectscore=0 impostorscore=0 mlxscore=0 phishscore=0 adultscore=0 malwarescore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910180142 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --yq6u5evjdh75pppc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 18, 2019 at 08:34:17AM +0200, Nicolas Belouin wrote: > On 10/18/19 4:52 AM, Willy Tarreau wrote: > > On Thu, Oct 17, 2019 at 09:54:47PM -0400, Konstantin Ryabitsev wrote: > >> On Thu, Oct 17, 2019 at 06:30:29PM -0700, Greg KH wrote: > >>>> It could only possibly work if nobody ever adds their own > >>>> "Signed-Off-By" or > >>>> any other bylines. I expect this is a deal-breaker for most maintain= ers. > >>> Yeah it is :( > >>> > >>> But, if we could just have the signature on the code change, not the > >>> changelog text, that would help with that issue. > >> We totally should, and I even mused on how we would do that here: > >> https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__public-2Dinbox.= org_git_20190910121324.GA6867-40pure.paranoia.local_&d=3DDwICaQ&c=3DslrrB7d= E8n7gBJbeO0g-IQ&r=3DyZMPY-APGKyVIX7HgQFZJA&m=3D-7NJMybpa_bV7Y1FxWmqo1cUHOsD= XAsRR1vvpQmYhyI&s=3DiFHNwBfYAPr---qMdv0mvKQAxqjXxvf1mAiAYZG6DIE&e=3D=20 > >> > >> However, since git's PGP signatures are made for the content in the ac= tual > >> commit record (tree hash, parent, author, commit message, etc), the on= ly way > >> we could preserve them between the email and the git tree is if we nev= er > >> modify any of that data. The SOB and other trailers would have to only= be > >> applied to the merge commit, or migrate into commit notes. > > There's also the possibility to handle this a bit like we do when adding > > comments before the SOB: a PGP signature would apply to the text *befor= e* > > it only. We could then have long chains of SOB, PGP, SOB, PGP etc. > > > > Willy >=20 > I don't think it can work that easily as the signed content is not just > the message. > It would need git to support nesting signatures and to allow amending a > commit without > touching the signature and to allow adding one to cover the new content > and to have a > way to verify every step. > Moreover you won't be able to reparent the commit as a maintainer (wich > I think is > also a deal-breaker) For reference, we did something similar here[1]. I'll acknowledge it's somewhat of a niche use, and there's a danger with multiple signature types that could mean many different things... I do wonder if an over-lying tool could probably provide with more granular verification over mutiple gpg payloads inside of a commit... Cheers! -Santiago. [1] https://dl.acm.org/citation.cfm?id=3D3196523 --yq6u5evjdh75pppc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEkDurc2QOttZVM+/zRo8SLOgWIpUFAl2p31cACgkQRo8SLOgW IpWOaw//QlR+/AOs1izZ0TZjqK63RlQ38/neyUS1tFB9jMvGLWeGfvG5mr5diP73 ZctbE3pON/666JNhcbP8PVYQBKc8tQxugTTVAMLIUUSPLUS6OyIKWCqa0iXKw7e4 4sDRC23nduKKmGAwUx4uwJtZmak6/U/e5K5izdp23GyQG+6ff8hmZ6y1nugaWbO/ 9+qbULTLgoZVC4icgfVcHi+6BkRCO08P9wwB7KiSR8jmaqZ/+hSxu2trpl9tF1Nk GU9T0qmMtAHA+rXkkJxvrJcCnMarLjElKzVnEJpzrokxJeH7TinvMseRA7FY7XkK /2e83EKxqBPsCJXx+A3XAOpKCzp7GjljXvyYB6z3gBZNvahBDebq/wc1rsA4p7A4 FJkv4qTuO3OxmC2LGRawK1e5hj5spx9GFwFPH9ZezyvYh1YXQFU1Oqs19BCI+UHA qYB3JwojV3xSTDkRvUJY4Ma5jBPajlLdIbvjnTehiHsBz6/BJEnQPp+UxB+769Ny 3z7pMFH489y2EhmrUTA6AeZ2Pcp/dwECNiZpCRqmmPDVC+UHw2Le+k9A/UYOwVaD DYab1hDK3dtUMfleh3d6etF8deOxD7wtc/4PRkUrhnwgbfRzg5zv8f0amitf4/+8 QL0C6UE6/Y34WqBcFmLA/cFRVnvWGK2xhL5bnshIgKRAXnUcbvM= =kV6w -----END PGP SIGNATURE----- --yq6u5evjdh75pppc--