Message-ID: <86244390e3a30a6a58f01e95a9434e2126c75379.camel@HansenPartnership.com>
Subject: Re: [edk2-devel] Question about EDK2 and commit signing
From: "James Bottomley"
To: devel@edk2.groups.io, pedro.falcato@gmail.com
Date: Sat, 11 Sep 2021 14:48:57 -0700

On Sat, 2021-09-11 at 19:25 +0100, Pedro Falcato wrote:
> Hi everyone,
>
> Yesterday, when pushing my first commits to edk2-platforms (as the
> Ext4Pkg maintainer), I noticed that my commits (see 7872c98 and
> 71f3343) stick out like a sore thumb, as I have GPG signing on my
> commits on by default (see git config commit.gpgsign), globally
> across all my projects.

They do? The gpgsig header is eaten by modern versions of git ... it
only shows up as the verified decoration on github, which most people
likely don't notice, because github has a huge amount of commit bling,
so I'm not sure what you think people would notice. I suspect even
ancient versions of git understand it's a header even if they can't
parse it.

> Is there an official stance on signed commits? I was thinking that
> commit signing, at least for the maintainers that apply and push
> patches, could be useful as a way to establish authenticity for every
> commit that gets to the edk2 repos.

The general consensus over at the Linux Kernel, which is an email based
project like edk2, is that signed commits don't add anything useful.
They can't be transmitted from the author in email, so they can only be
added by the committer. In the current trust model, the committer is
already trusted with access to the tree, so a signature doesn't add
much beyond what's already known (the committer did this) and it can't
add anything further about the authenticity of the actual commit if
author != committer.

The other problem with signed commits is there are lots of usual git
operations (like rebase) where the signature doesn't survive.

James
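
An added illustration of the two technical points in the message above (not part of the message and not git's own code): this Python sketch parses a constructed raw commit object to show that the signature sits in a `gpgsig` header and covers the remaining bytes, so rewriting the parent and committer lines, as a rebase does, leaves the old signature with nothing to verify against. All hashes, identities and signature bytes are constructed, and `split_signature`, `replay_on`, `commit_id` and `signature_covers` are hypothetical helper names.

```python
import hashlib

# Constructed sample of a raw commit object (what `git cat-file commit` prints).
# Hashes, identities and the signature bytes are made up for illustration.
SIGNED_COMMIT = (
    b"tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904\n"
    b"parent 1111111111111111111111111111111111111111\n"
    b"author A U Thor <author@example.com> 1631380000 +0100\n"
    b"committer C O Mitter <committer@example.com> 1631390000 +0100\n"
    b"gpgsig -----BEGIN PGP SIGNATURE-----\n"
    b" \n"
    b" Y29uc3RydWN0ZWQgc2lnbmF0dXJlIGJ5dGVz\n"
    b" -----END PGP SIGNATURE-----\n"
    b"\n"
    b"Example subject line\n"
)

def split_signature(raw: bytes):
    """Return (signed_payload, signature): the payload is the commit minus gpgsig."""
    head, sep, message = raw.partition(b"\n\n")
    kept, sig, in_sig = [], [], False
    for line in head.split(b"\n"):
        if line.startswith(b"gpgsig "):
            in_sig = True
            sig.append(line[len(b"gpgsig "):])
        elif in_sig and line.startswith(b" "):
            sig.append(line[1:])  # continuation line of the multi-line header
        else:
            in_sig = False
            kept.append(line)
    return b"\n".join(kept) + sep + message, b"\n".join(sig)

def replay_on(payload: bytes, new_parent: str, committer: str) -> bytes:
    """Model a rebase in its simplest form: new parent and committer line."""
    head, sep, message = payload.partition(b"\n\n")
    swap = {b"parent": new_parent.encode(), b"committer": committer.encode()}
    lines = []
    for line in head.split(b"\n"):
        key = line.split(b" ", 1)[0]
        lines.append(key + b" " + swap[key] if key in swap else line)
    return b"\n".join(lines) + sep + message

def commit_id(raw: bytes) -> str:
    """Object id git assigns to these bytes (SHA-1 object format)."""
    return hashlib.sha1(b"commit %d\x00" % len(raw) + raw).hexdigest()

def signature_covers(signed_raw: bytes, candidate_payload: bytes) -> bool:
    """True only if the candidate is byte-identical to what was signed."""
    return split_signature(signed_raw)[0] == candidate_payload
```

Because the signed bytes include the parent and committer headers, a replayed commit can only carry a signature if whoever performs the rewrite signs it again.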