[Cryptech Core] git signed push

[Joachim Strömbergson]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Randy Bush wrote:
>> Interesting problem with git signed push: 
>> https://developer.atlassian.com/blog/2015/05/git-horror-story-loose-nonces/
>
>> 
> sra is lead sysadmin on that machine.  but as far as i can tell,
> there is not yet an update available to the git port.
> 
> and this does not look as if it is a threat to us.

That is also my understanding since we use signed commit, not signed
push. One could use both though.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJVSw3DAAoJEF3cfFQkIuyNDJwQAMkgpIqjWhSUhaDe9PEQA+H3
wtml6LxjnlXRDmFAN6vlQodbk9rtNDhSNgKmWLfSBqRSboKbvymVGdBOJm9EQ7d3
wgJwTK7TyIEVTIHmZHELBjtlp9gg/R0zKYsPfhhVxZQ/M3HCtAqgmKjJRC5/W0j7
+SP4V0LuLkjNL/fRDEYI605zm7F2HLgImOfZbnexG+Z8aon9LAz8WIfOek+PJeqp
qFNR034yImVJHjIZ9xiF/jfNnFczGTLazbezb/GHF0kEIwfWAA7qpK46Ahfpp/mY
Xruuzs0Tbmj4FSvNQ95AQJ2DmP3+oQ549bDOY2E2cjheLvduM3anqr/3Kfy9FPUM
frLs1Zx3kPo6EWimlCtEa+mxwuhd/EtBntfvhYYZpe7G9Ga2HwZVBGb/0QgTfpOk
neDqDk0eAUtWl3X/Uquy0hEkbUgjqcExFuh2RYRdTeEWXEKjHYzrb5E1LYW1aPi2
N0wEUzDyZOB6EpxgyGS+QMvJJazf2v1Uh2cyvobbgQd/hF/LlunovKXxNG0ZFOGW
4HXj8Ij+CEB7f1cYJSPpkzM4g6SJKWvRk6FZwwiyMxOGS41bf/EFOE4Lh3UL+yL2
ejq+pTOzb5UjZMHluNUDrvYca1mdIT22wrqh5aJuZi7C8WXsAhqs92av6Jsv4fbn
S8eBFcYGv3ze/RT69K60
=Xpp/
-----END PGP SIGNATURE-----