From: Jonathan Wakely
Date: Fri, 19 Apr 2024 10:33:44 +0100
Subject: Re: Updated Sourceware infrastructure plans
To: Mark Wielaard
Cc: overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
In-Reply-To: <20240417232725.GC25080@gnu.wildebeest.org>

On Thu, 18 Apr 2024 at 00:28, Mark Wielaard wrote:
> We also encourage projects to use signed git commits where it makes
> sense. This can be done through the gitsigur process which supports
> hooks to only allow known (registered) signatures.
> https://inbox.sourceware.org/overseers/ZIz4NB%2FAqWpSNj5d@elastic.org/
> But can of course also be done in other ways. See this overview of how
> sigsigur, sigstore and b4 can provide a signed commit/release workflow:
> https://inbox.sourceware.org/overseers/ZJ3Tihvu6GbOb8%2FR@elastic.org/

Would it be possible for gitsigur to support signing commits with ssh
keys as well as gpg? Git supports this, and it's much easier for
everybody than having to set up gpg.

We already need an SSH key on sourceware.org to push to Git, so all
those public keys could be treated as trusted (via git config
gpg.ssh.allowedSignersFile). You could then sign your commits with the
same key that you use to push to sourceware. Does requiring using a
second, different key to sign commits really add any value? If
somebody has compromised my ssh key and can push to sourceware, are we
hoping that they won't have compromised my gpg key as well?

I'm already signing my GCC commits that way, without needing to use
gpg or gitsigur:

commit 7c2a9dbcc2c1cb1563774068c59d5e09edc59f06 [r14-10008-g7c2a9dbcc2c1cb]
Good "git" signature for jwakely@redhat.com with RSA key
SHA256:8rFaYhDWn09c3vjsYIg2JE9aSpcxzTnCqajoKevrUUo
Author: Jonathan Wakely
Date: Thu Mar 21 23:09:14 2024
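
One way to build the gpg.ssh.allowedSignersFile mentioned above from the push keys a server already holds, as an added example that is not part of the original message or of gitsigur. The function names, the sample keys and the address alice@example.org are constructed for illustration.

```shell
#!/bin/sh
# Added example; keys, paths and addresses below are constructed.

# to_allowed_signers PRINCIPAL < authorized_keys
# Emits one allowed-signers line per key: principal, namespace restriction,
# key type, key blob. The principal is the identity git prints in
# "Good "git" signature for ...". Leading authorized_keys options
# (command="...", no-pty) and trailing key comments are dropped.
to_allowed_signers() {
    awk -v who="$1" '
        /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
        {
            # the key type is the first field followed by a base64 blob (AAAA...)
            for (i = 1; i < NF; i++)
                if ($i ~ /^(ssh-|ecdsa-sha2-|sk-)/ && $(i + 1) ~ /^AAAA/) {
                    printf "%s namespaces=\"git\" %s %s\n", who, $i, $(i + 1)
                    next
                }
            printf "line %d for %s skipped: no key found\n", NR, who > "/dev/stderr"
        }'
}

# Constructed sample: one plain entry and one carrying authorized_keys options.
sample_authorized_keys() {
    cat <<'EOF'
# constructed sample, not real keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleKeyOnly alice@laptop
command="git-shell -c x",no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABConstructedSample alice@desk
EOF
}

# Committer side: sign with the key already used for pushing.
configure_ssh_signing() {
    git config gpg.format ssh
    git config user.signingkey "$1"    # path to the public key, e.g. ~/.ssh/id_ed25519.pub
    git config commit.gpgsign true
}

# Verifier side (a hook or a reviewer): accept only keys in the generated file.
verify_commit() {
    git -c gpg.ssh.allowedSignersFile="$1" verify-commit "$2"
}
```

The namespaces="git" option limits each key to signatures made for git, so a signature the same key produced for another purpose does not verify as a commit signature.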