Collin Funk <[email protected]> writes:

>> (2) We accept contributions via patches sent over mailing lists. Signed
>> git commits wouldn't protect us against this attack.
>
> Yep, as far as I am aware there is no way to sign a patch sent via
> 'git send-email'. That would sign the patch sent to the list, and then a
> maintainer would have to sign the commit once they push it.
This doesn't matter. The signature is not a signature of the author, it's the signature of the committer. By default, Git hides the committer field because it is rarely relevant, but you can show it by passing --format=fuller to git-show and git-log.

Even in this case, signing is useful as a way to verify that the committer is, in fact, who they claim they are. That's what signing does in the general case. Of course, ML patches aren't applied blindly, the committer has to look at them, and a signature is a way of proving that a given committer did.

-- 
Arsen Arsenović
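The author/committer distinction discussed above, shown in a throwaway repository (this is an added example, not code from anyone in the thread). It assumes a local `git` binary; the identities "Patch Author" and "Maintainer Example" are constructed. The committer identity comes from the repository config, while --author sets the author field, which is what happens when a maintainer applies a mailing-list patch. The default `git log` output omits the committer; --format=fuller shows it; and `%G?` reports the signature status of the commit (N means unsigned).

```shell
#!/bin/sh
# Added example (not from the original thread): show that Git records an
# author and a separate committer, that the committer is hidden unless
# --format=fuller is used, and how to query the commit's signature status.
set -eu

# Create a throwaway repository with one commit whose author differs from
# the committer, mimicking a maintainer applying a patch from a list.
make_demo_repo() {
    repo=$(mktemp -d)
    git -C "$repo" init -q
    # Committer identity (constructed) comes from the repo config.
    git -C "$repo" config user.name "Maintainer Example"
    git -C "$repo" config user.email "maintainer@example.invalid"
    # Do not try to sign; the demo is about the fields, not about keys.
    git -C "$repo" config commit.gpgsign false
    echo "hello" > "$repo/file.txt"
    git -C "$repo" add file.txt
    # Author identity (constructed) is taken from the patch, i.e. --author.
    git -C "$repo" commit -q -m "Apply patch from the list" \
        --author="Patch Author <author@example.invalid>"
    echo "$repo"
}

# Author name of the latest commit.
author_of() {
    git -C "$1" log -1 --format=%an
}

# Committer name of the latest commit.
committer_of() {
    git -C "$1" log -1 --format=%cn
}

# "yes" if the default log output has a "Commit:" line, else "no".
default_log_shows_committer() {
    if git -C "$1" log -1 | grep -q '^Commit:'; then echo yes; else echo no; fi
}

# "yes" if --format=fuller output has a "Commit:" line, else "no".
fuller_log_shows_committer() {
    if git -C "$1" log -1 --format=fuller | grep -q '^Commit:'; then echo yes; else echo no; fi
}

# Signature status letter: G good, B bad, U untrusted, N no signature, ...
signature_status_of() {
    git -C "$1" log -1 --format=%G?
}

# Usage demo when run directly.
if command -v git >/dev/null 2>&1; then
    demo=$(make_demo_repo)
    echo "author:    $(author_of "$demo")"
    echo "committer: $(committer_of "$demo")"
    echo "default log shows committer: $(default_log_shows_committer "$demo")"
    echo "fuller log shows committer:  $(fuller_log_shows_committer "$demo")"
    echo "signature status: $(signature_status_of "$demo")"
    rm -rf "$demo"
fi
```

A maintainer verifying a pushed commit would look at the committer line from --format=fuller together with `git log --show-signature`; the author line alone says nothing about who actually applied the patch.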
