[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
21/66: icse-2022: Link to "Git Cryptography Protocol".
From: |
Ludovic Courtès |
Subject: |
21/66: icse-2022: Link to "Git Cryptography Protocol". |
Date: |
Wed, 29 Jun 2022 11:31:59 -0400 (EDT) |
civodul pushed a commit to branch master
in repository maintenance.
commit 6b81d8a3bc564d8a74848817596ad1b5ccacf605
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Mon Aug 30 16:12:05 2021 +0200
icse-2022: Link to "Git Cryptography Protocol".
---
doc/icse-2022/security.sbib | 7 +++++++
doc/icse-2022/supply-chain.skb | 13 ++++++++-----
2 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/doc/icse-2022/security.sbib b/doc/icse-2022/security.sbib
index cef3c99..88e87f1 100644
--- a/doc/icse-2022/security.sbib
+++ b/doc/icse-2022/security.sbib
@@ -204,6 +204,13 @@ Thayer")
(year "2021")
(url "https://www.sigstore.dev/"))
+(misc huseby2021:git-crypto
+ (author "Dave Huseby et al.")
+ (title "Git Cryptography Protocol")
+ (year "2021")
+ (url "https://github.com/cryptidtech/git-cryptography-protocol"))
+
+
#|
(defun skr-from-bibtex ()
"Vaguely convert the BibTeX snippets after POINT to SBibTeX."
diff --git a/doc/icse-2022/supply-chain.skb b/doc/icse-2022/supply-chain.skb
index 4dec83f..639a008 100644
--- a/doc/icse-2022/supply-chain.skb
+++ b/doc/icse-2022/supply-chain.skb
@@ -743,11 +743,14 @@ broad and extensible specification ,(ref :bib
'callas2007:rfc4880-openpgp), made it a poor candidate in our eyes.
More focused options such as minisign ,(ref :bib
'denis2021:minisign-web) looked more appealing. However, we felt that
-the fact that OpenPGP commit signing is well-supported by Git makes a
-significant practical difference: developers can easily be set up to
-sign commits with GnuPG and commands such as ,(tt [git log]) can verify
-and display signatures; ways to deal with OpenPGP keys and signatures,
-although complex, are also well-documented.])
+the fact that OpenPGP commit signing is well-supported by Git,(footnote
+[As of this writing, Git tools only support OpenPGP, but work started in
+2021 to support cryptography tools other than OpenPGP/GnuPG ,(ref :bib
+'huseby2021:git-crypto).]) makes a significant practical difference:
+developers can easily be set up to sign commits with GnuPG and commands
+such as ,(tt [git log]) can verify and display signatures; ways to deal
+with OpenPGP keys and signatures, although complex, are also
+well-documented.])
(p [Key distribution is an important issue. We did not want
the whole mechanism to lazily fetch public keys from key servers:
- 02/66: ccs-2021: Write "Implementation" section., (continued)
- 02/66: ccs-2021: Write "Implementation" section., Ludovic Courtès, 2022/06/29
- 05/66: ccs-2021: Move "Notes on SHA-1" under "Implementation"., Ludovic Courtès, 2022/06/29
- 06/66: ccs-2021: Turn on review mode for good., Ludovic Courtès, 2022/06/29
- 03/66: ccs-2021: Tweak main sections., Ludovic Courtès, 2022/06/29
- 12/66: ccs-2021: Add abstract and tweak intro., Ludovic Courtès, 2022/06/29
- 07/66: ccs-2021: Discuss in-toto in "Related Work"., Ludovic Courtès, 2022/06/29
- 11/66: ccs-2021: Complete introductions., Ludovic Courtès, 2022/06/29
- 25/66: icse-2022: Final (?) tweaks., Ludovic Courtès, 2022/06/29
- 04/66: ccs-2021: Tweak "related work", add proper references., Ludovic Courtès, 2022/06/29
- 09/66: ccs-2021: Write conclusion., Ludovic Courtès, 2022/06/29
- 21/66: icse-2022: Link to "Git Cryptography Protocol".,
Ludovic Courtès <=
- 29/66: programming-2022: Adjust to <Programming> style., Ludovic Courtès, 2022/06/29
- 31/66: programming-2022: Expand "Related Work"., Ludovic Courtès, 2022/06/29
- 32/66: programming-2022: Use a monospace font for code snippets., Ludovic Courtès, 2022/06/29
- 08/66: ccs-2021: Capitalize section titles., Ludovic Courtès, 2022/06/29
- 10/66: ccs-2021: Improve "Rationale" section., Ludovic Courtès, 2022/06/29
- 13/66: ccs-2021: Proof-read and tweak., Ludovic Courtès, 2022/06/29
- 15/66: ccs-2021: Typos, hyphenation, and other improvements., Ludovic Courtès, 2022/06/29
- 14/66: ccs-2021: Update ACM categories., Ludovic Courtès, 2022/06/29
- 16/66: ccs-2021: Tweak "Related Work"., Ludovic Courtès, 2022/06/29
- 17/66: ccs-2021: Give example authentication throughput., Ludovic Courtès, 2022/06/29