From: Jonathan Wakely
Date: Mon, 22 Apr 2024 12:40:31 +0100
Subject: Re: Updated Sourceware infrastructure plans
To: Mark Wielaard
Cc: overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org
In-Reply-To: <966c58391b4d74bdc5ea607c76a8ba9b2c21263a.camel@klomp.org>
References: <20240417232725.GC25080@gnu.wildebeest.org> <966c58391b4d74bdc5ea607c76a8ba9b2c21263a.camel@klomp.org>

On Mon, 22 Apr 2024 at 11:24, Mark Wielaard wrote:
>
> Hi Jonathan,
>
> On Fri, 2024-04-19 at 10:33 +0100, Jonathan Wakely wrote:
> > On Thu, 18 Apr 2024 at 00:28, Mark Wielaard wrote:
> > > We also encourage projects to use signed git commits where it makes
> > > sense. This can be done through the gitsigur process which supports
> > > hooks to only allow known (registered) signatures.
> > > https://inbox.sourceware.org/overseers/ZIz4NB%2FAqWpSNj5d@elastic.org/
> > > But can of course also be done in other ways. See this overview of how
> > > gitsigur, sigstore and b4 can provide a signed commit/release workflow:
> > > https://inbox.sourceware.org/overseers/ZJ3Tihvu6GbOb8%2FR@elastic.org/
> >
> > Would it be possible for gitsigur to support signing commits with ssh
> > keys as well as gpg? Git supports this, and it's much easier for
> > everybody than having to set up gpg.
> >
> > We already need an SSH key on sourceware.org to push to Git, so all
> > those public keys could be treated as trusted (via git config
> > gpg.ssh.allowedSignersFile). You could then sign your commits with the
> > same key that you use to push to sourceware.
>
> O, nice, I didn't even know about this, while it has been available for
> years: https://blog.dbrgn.ch/2021/11/16/git-ssh-signatures/

Yeah, I only learned about it recently, from:
https://fosdem.org/2024/schedule/event/fosdem-2024-3611-so-you-think-you-know-git/

> BTW. Note that the other way around is also possible, using your gpg
> key as ssh key using gpg-agent --enable-ssh-support. See e.g.
> https://gnu.wildebeest.org/blog/mjw/2019/02/17/new-pgp-key/
>
> > Does requiring using a second, different key to sign commits really
> > add any value? If somebody has compromised my ssh key and can push to
> > sourceware, are we hoping that they won't have compromised my gpg key
> > as well?
>
> I think it depends on the policy you use for signing commits.
> Personally I only sign commits that correspond to a particular release.
> But you can of course sign all commits with your ssh key at the same
> time (I don't know if they mix though).
>
> Cheers,
>
> Mark