From: Stefan Kangas
Newsgroups: gmane.emacs.devel
Subject: Signing git tags for releases
Date: Thu, 2 Dec 2021 16:06:33 -0800
To: emacs-devel@gnu.org
I would like to suggest that we start signing git tags in our repository. This would give greater confidence that a particular commit is in fact the one corresponding to a particular release (e.g. the one with some security fix and not an older one).
It is not strictly necessary in the sense that we are okay as-is, but I think it's good form and a generally accepted best practice. For context, see also the previous discussion in Bug#24461.

AFAIK, this will not require any action on behalf of anyone except the person making our releases, unless they specifically want to verify some signed git tag with "git tag -v TAG". In that case, they will obviously first need to fetch the corresponding public key.

Unless I am overlooking something, the necessary documentation changes will be in make-tarball.txt only. See the attached diff.

If there are no objections to this plan, I hope to start doing this from Emacs 28.0.91 (the second pretest release) and onward.

Attachment: sign.diff (text/x-diff)

diff --git a/admin/make-tarball.txt b/admin/make-tarball.txt
index 872cb00ca2..c56c887e19 100644
--- a/admin/make-tarball.txt
+++ b/admin/make-tarball.txt
@@ -187,7 +187,7 @@ General steps (for each step, check for possible errors):
 8.  You can now tag the release/pretest and push it together with the
     last commit:
 
-     cd EMACS_ROOT_DIR && git tag -a TAG -m "Emacs TAG"
+     cd EMACS_ROOT_DIR && git tag -a -s TAG -m "Emacs TAG"
      git push
      git push --tags
 
@@ -199,16 +199,20 @@ General steps (for each step, check for possible errors):
     use the SHA1 of the last commit which went into the release
     tarball, in case there were some intervening commits since then:
 
-     git tag -a TAG -m "Emacs TAG" SHA1
+     git tag -a -s TAG -m "Emacs TAG" SHA1
      git push --tags
 
     In the past, we were not always consistent with the annotation
     (i.e. -m "Emacs TAG").  The preferred format is like this for a
     pretest, release candidate and final release:
 
-     git tag -a emacs-28.0.90  -m "Emacs 28.0.90 pretest"
-     git tag -a emacs-28.1-rc1 -m "Emacs 28.1 RC1"
-     git tag -a emacs-28.1     -m "Emacs 28.1 release"
+     git tag -a -s emacs-28.0.90  -m "Emacs 28.0.90 pretest"
+     git tag -a -s emacs-28.1-rc1 -m "Emacs 28.1 RC1"
+     git tag -a -s emacs-28.1     -m "Emacs 28.1 release"
+
+    The "-s" option above means to sign the tag using your default GPG
+    key.  Make sure this uses the same GPG key that you use to sign
+    the release (see below).
 
 9. Decide what compression schemes to offer.
     For a release, at least gz and xz:
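Review bot: in the first hunk (step 8), `-s` is introduced without any explanation, and the sentence saying what it does only appears in the second hunk, below the tag-name examples; someone following step 8 from the top will hit a GPG prompt without knowing why, so a short pointer here ("-s signs the tag; see the note on GPG keys below") would help. Minor: git's synopsis lists `-a`, `-s` and `-u <keyid>` as alternatives and `-s` already produces an annotated tag, so `git tag -a -s TAG -m "Emacs TAG"` is redundant (harmless, but `git tag -s TAG -m "Emacs TAG"` is the documented form).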
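Review bot: the new paragraph in the second hunk makes correctness depend on "your default GPG key" happening to be the release-signing key, which is easy to get wrong on a machine with several keys; suggest naming the key explicitly (`git tag -s -u KEYID ...`, or setting `user.signingKey` once in the release checkout) and adding a verification step right after tagging, `git tag -v TAG`, which is the check the cover mail already describes and which catches a tag signed with the wrong key before it is pushed.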
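An added example (my code, not Stefan's and not from the Emacs repository) of the policy check that signed tags make possible: classifying release tags as lightweight, annotated-but-unsigned, or signed by parsing the tag object that `git tag -s` signs and `git tag -v` verifies. The sample tag objects, the `rm@example.org` tagger, and the `audit_release_tags` helper are constructed for illustration.

```python
# Added example, not code from the mail or from the Emacs repository:
# classify release tags by whether the tag object carries the PGP
# signature block that `git tag -s` appends and `git tag -v` checks.
import re
import subprocess

PGP_BLOCK = re.compile(
    r"-----BEGIN PGP SIGNATURE-----\n.*?-----END PGP SIGNATURE-----\n?", re.DOTALL)

# Constructed samples in `git cat-file -p` form: the 40-digit object ids are
# placeholders and the armored body is not a real signature.
SIGNED_TAG = ("object " + "1" * 40 + "\ntype commit\ntag emacs-28.0.91\n"
              "tagger Release Manager <rm@example.org> 1638489994 -0800\n\n"
              "Emacs 28.0.91 pretest\n-----BEGIN PGP SIGNATURE-----\n\n"
              "iQEzBAABCAAdconstructed\n=AbCd\n-----END PGP SIGNATURE-----\n")
ANNOTATED_TAG = ("object " + "1" * 40 + "\ntype commit\ntag emacs-28.0.90\n"
                 "tagger Release Manager <rm@example.org> 1638489994 -0800\n\n"
                 "Emacs 28.0.90 pretest\n")
LIGHTWEIGHT_TAG = ("tree " + "2" * 40 + "\nauthor A <a@example.org> 1 -0800\n"
                   "committer A <a@example.org> 1 -0800\n\nSome commit\n")

def parse_tag_object(raw):
    """Return (headers, message, signature or None).  A signature sits after
    the message and covers everything before it; that is what `-v` verifies."""
    header_block, _, body = raw.partition("\n\n")
    headers = dict(line.split(" ", 1) for line in header_block.splitlines())
    m = PGP_BLOCK.search(body)
    if m is None:
        return headers, body, None
    return headers, body[:m.start()], m.group(0)

def classify_tag(raw):
    """'lightweight': the ref points straight at a commit, so there is no tag
    object and nothing to sign; 'annotated': unsigned tag object; 'signed'."""
    headers, _, sig = parse_tag_object(raw)
    if "tag" not in headers:
        return "lightweight"
    return "signed" if sig else "annotated"

def audit_release_tags(repo=".", pattern="emacs-*"):
    """Classify every matching tag in a real checkout.  Presence of a block is
    only a policy check; `git tag -v TAG` with the release key in your keyring
    is still required for the cryptographic verification."""
    def git(*args):
        return subprocess.run(["git", "-C", repo, *args], capture_output=True,
                              text=True, check=True).stdout
    return {name: classify_tag(git("cat-file", "-p", name))
            for name in git("tag", "-l", pattern).split()}
```

A tag that classifies as "signed" has only been shown to carry a signature block; whether it was made with the expected release key is what `git tag -v TAG` decides, and only after that key has been fetched and trusted.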