[Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff

From: Tom Lord
Subject: [Gnu-arch-users] tla--devo--1.2 has preliminary gpg stuff
Date: Thu, 25 Dec 2003 14:05:24 -0800 (PST)

There's more to do but I've munged Robert Collins' gpg hacks to my
satisfaction and they're now available in the latest tla--devo--1.2.

Early testing/review before I turn this into a 1.2preX release will be

* HOWTO fragment (eventually will say more)

  Arch can optionally arrange to have the contents of an archive be
  signed by each user who creates revisions there.  This can be used
  to detect cases where the contents of an archive have been modified
  by someone other than the person who created the revision (by
  import, commit, tag, cacherev, or archive-mirror).  Within the next
  few days or weeks, this capability will be expanded into a full
  facility by means of which project hosts can rapidly and reliably
  validate their source control archives after an intrusion detection
  -- and a facility by means of which intruders who attempt to modify
  archives can be proactively detected.

  Additionally, _all_ archives will now begin containing checksum
  files which can be used to help detect media failures affecting the
  contents of archives.

  Briefly, each revision directory in an archive now contains a
  `checksum' file.   That file contains the full name of the revision 
  along with an md5 checksum for each file comprising the revision.
  In a signed archive, the checksum file can be signed (for example by
  "gpg --clearsign").

  If a revision is "archive cached", then the revision directory will
  also contain a `checksum.cacherev' file containing the full name of
  the revision and an md5 checksum for the tar bundle of the cached
  revision.  In a signed archive, that file too can be clearsigned.

* Making an archive a Signed Archive

  A new archive can be made a signed archive by passing the 
  --signed option to `make-archive'.   Existing archives can be
  converted to a signed archive by creating the file
  `=meta-info/signed-archive' in the archive directory.

  Note: if you convert an existing archive to a signed archive, at
  this time, only new revisions will be signed.   There is no facility
  yet for retroactively signing old revisions of existing archives.

* Constructing Signatures

  When you import, commit, tag, cacherev, or archive-mirror to a
  signed archive, arch will sign the `checksum' and
  `checksum.cacherev' files using a user-configurable rule.

  You should create one of two files.  Either:


  (where $ARCHIVE is the archive name) to create a rule that applies
  only to a specific archive, or:


  to create a default rule for signing revisions to any signed archive
  for which no archive-specific rule is provided.

  Those files should contain a shell command, suitable for use with
  the "system(3)" libc function.   The shell command should read a 
  message on stdin, and write a signed copy of the message to stdout.

  Sample contents of such files are:

        gpg --clearsign

  (You will likely be prompted for a passphrase.)  If you use
  quintuple-agent or the agent facility of recent versions of gpg, you
  might use something like:

        agpg --clearsign

