[Cryptech Core] git, again

Leif Johansson leifj at sunet.se
Mon Jan 13 08:04:30 UTC 2014


On 2014-01-13 08:44, Василий Долматов wrote:
> On 13 Jan 2014, at 11:17, Rob Austein <sra at hactrn.net> wrote:
>
>> At Mon, 13 Jan 2014 15:59:02 +0900, Randy Bush wrote:
>>>> - Don't attempt to automate enforcement of the signed commit policy,
>>> why not?
>> Good to have, not critical path, or so went the thinking, such as it was.
> Agree, not a critical path.
>
> Once again, when implementing security measures it is necessary to start from a threat model. Otherwise it becomes «Security Theatre» (c)
>
> I now cannot imagine why a key used for signing commits will be more secure than the ssh-key used to get access to the repository under a given username.
> I equally cannot see a crucial difference between https and ssh access, demanding the presence of the latter one.
>
> dol@
>
It's not about access control - it's about making it hard to make changes
to the repo that go unnoticed.



