bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [task #4633] GPG-Signed Commits


From: Mark D. Baushke
Subject: Re: [task #4633] GPG-Signed Commits
Date: Fri, 23 Sep 2005 14:12:31 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Hyslop <address@hidden> writes:

> Derek Price wrote:
> > Just a quick RFC on how this will integrate into the CVS command line &
> > config.  I'm thinking that signing will be off by default, with a simple
> > `-g' global option to enable it.
> 
> Sounds reasonable. If and when signed commits become standard practise, 
> would we make signing the default, and require a '-g-' to turn it off, 
> or will this be the default in perpetuity?

I suspect that the -g switch will want to have a PGP signing key as an
argument. I have no objections to a keyid of '-' meaning no key should
be used. Of course, if the server has configured to ask for one, that
could cause the commit to fail...

> > Since adding -g to a .cvsrc might not be acceptable for users that work
> > with multiple roots, I think this should also be implemented as a method
> > option that can be added to a CVSROOT string
> > <http://ximbiot.com/cvs/wiki/index.php?title=CVS--Concurrent_Versions_System_v1.12.12.1:_The_Repository#The_connection_method>.
> 
> What would the option be? In keeping with Mark's later comments, we 
> probably don't want 'gpg' in it, so 'gpg-sign' would probably not be the 
> best option. I'm thinking 'sign-id=user-id'. On my home system, for 
> example, my CVS user ID is 'jim', so I'd have to specify which PGP key 
> to use.
> 
> Example:
> CVSROOT=:local;address@hidden:/cvs

Good point. For commits to the savannah.nongnu.org
repositories, I might want to use a PGP keyid of 0xFCE72F65
where another repository might use a PGP keyid of 0x161913F8.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDNG+/Cg7APGsDnFERArifAKCYD3G8hZ53NhlpeWeBaLYrFhaDCACfQZQZ
E7N49+wBTY6wP9fRSnB3k8Y=
=e3XX
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]