diff options
| author | Gregory Maxwell <gmaxwell@gmail.com> | 2014-05-23 10:32:34 -0700 |
|---|---|---|
| committer | bitcoindev <bitcoindev@gnusha.org> | 2014-05-23 17:38:01 +0000 |
| commit | 0c54b85905ed1d8a75d533bfd1fed8d86b2e8789 (patch) | |
| tree | e841b8c1baf3ae817f1b7dddea171f3cfe092c8c | |
| parent | f76398cbb717e0a57a96c62d246a51a7d8ffdd3e (diff) | |
| download | pi-bitcoindev-0c54b85905ed1d8a75d533bfd1fed8d86b2e8789.tar.gz pi-bitcoindev-0c54b85905ed1d8a75d533bfd1fed8d86b2e8789.zip | |
Re: [Bitcoin-development] PSA: Please sign your git commits
| -rw-r--r-- | 02/4f95e5605e036f733788b148c4bf0f63348d1d | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/02/4f95e5605e036f733788b148c4bf0f63348d1d b/02/4f95e5605e036f733788b148c4bf0f63348d1d new file mode 100644 index 000000000..8f30d9ab9 --- /dev/null +++ b/02/4f95e5605e036f733788b148c4bf0f63348d1d @@ -0,0 +1,109 @@ +Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] + helo=mx.sourceforge.net) + by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) + (envelope-from <gmaxwell@gmail.com>) id 1WntPt-0004v1-Ll + for bitcoin-development@lists.sourceforge.net; + Fri, 23 May 2014 17:38:01 +0000 +Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com + designates 209.85.217.170 as permitted sender) + client-ip=209.85.217.170; envelope-from=gmaxwell@gmail.com; + helo=mail-lb0-f170.google.com; +Received: from mail-lb0-f170.google.com ([209.85.217.170]) + by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) + (Exim 4.76) id 1WntPs-0000W3-N6 + for bitcoin-development@lists.sourceforge.net; + Fri, 23 May 2014 17:38:01 +0000 +Received: by mail-lb0-f170.google.com with SMTP id w7so2955589lbi.29 + for <bitcoin-development@lists.sourceforge.net>; + Fri, 23 May 2014 10:37:53 -0700 (PDT) +MIME-Version: 1.0 +X-Received: by 10.112.89.66 with SMTP id bm2mr2024719lbb.91.1400866354168; + Fri, 23 May 2014 10:32:34 -0700 (PDT) +Received: by 10.112.89.68 with HTTP; Fri, 23 May 2014 10:32:34 -0700 (PDT) +In-Reply-To: <537F7BE2.6010006@jerviss.org> +References: <CA+s+GJBNWh0Py9KB4Y+B19ACeHOygtkLrPw5SbZ0SrVs50pqvg@mail.gmail.com> + <7B48B9D4-5FB0-42CA-A462-C20D3F345A9A@beams.io> + <CA+s+GJC8=OHmmF7fc-fT8fQDWE1uNcCS8-ELEKr0MjQ4CpbPBA@mail.gmail.com> + <537D0CE1.3000608@monetize.io> + <CAAS2fgSN00Y2XUqLoft9=Fq1GfWvSYQfXdD=RE8890iOU5asRQ@mail.gmail.com> + <CAJHLa0NNMKW57r2cRsu3a1UFSf5MSp-EWATqf--DKTe-=n26CA@mail.gmail.com> + <CA+s+GJBJKQqsJHzdHvw0-r3mmvbRMDpUrWFj2O2-RXkpgGLO7g@mail.gmail.com> + <537F7BE2.6010006@jerviss.org> +Date: Fri, 23 May 2014 10:32:34 -0700 +Message-ID: <CAAS2fgR39ChTjhmY-wpcgUoHWGJenazQyOaj5=ym5zYOHiFQig@mail.gmail.com> +From: Gregory Maxwell <gmaxwell@gmail.com> +To: Kyle Jerviss <bitcoin-devel@jerviss.org> +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable +X-Spam-Score: -1.6 (-) +X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. + See http://spamassassin.org/tag/ for more details. + -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for + sender-domain + 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider + (gmaxwell[at]gmail.com) + -0.0 SPF_PASS SPF: sender matches SPF record + -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from + author's domain + 0.1 DKIM_SIGNED Message has a DKIM or DK signature, + not necessarily valid + -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature +X-Headers-End: 1WntPs-0000W3-N6 +Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net> +Subject: Re: [Bitcoin-development] PSA: Please sign your git commits +X-BeenThere: bitcoin-development@lists.sourceforge.net +X-Mailman-Version: 2.1.9 +Precedence: list +List-Id: <bitcoin-development.lists.sourceforge.net> +List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> +List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> +List-Post: <mailto:bitcoin-development@lists.sourceforge.net> +List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> +List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, + <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> +X-List-Received-Date: Fri, 23 May 2014 17:38:01 -0000 + +On Fri, May 23, 2014 at 9:48 AM, Kyle Jerviss <bitcoin-devel@jerviss.org> w= +rote: +> Multisig is great for irreversible actions, but pointless most of the +> time, which is why no PGP developer or user ever thought to implement it. +> +> If you lose a key and an attacker signs a bogus email or commit with it, +> we all roll back with no lasting harm done. + +PGP in general is not very thoughtful about security. There are a lot +of things it does poorly. This is easily excusable considering the +historical context it came from=E2=80=94 it was the first real cryptographi= +c +tool I used, at the time its distribution had concerns about legality, +just getting things into people's hands was an achievement enough. + +From a cryptosystem perspective much more powerful things can be done +now, but there is a long way to go in figuring out how to many any +cryptographic tool usable to people. + +PGP is a general purpose tool=E2=80=94 which is the hardest kind to write= +=E2=80=94 its +also used in a lot of irreversible contexts: If your key deploys a bad +software release and it steals everyone's data or wipes their disks=E2=80= +=94 +thats not an irreversible action by any means. + +If you want threshold pgp though=E2=80=94 it's possible. The RSA cryptosyst= +em +is directly compatible with threshold cryptography. It's just that no +one has written the tools. There are implementations of the bare +cryptosystem however. + +One of my longer term would-be-nice goals for a upgrade bitcoin script +2.0 would be being thoughtful enough in the design that it could be +adopted as a signing cryptosystem in other applications (e.g. tools +similar to GPG)=E2=80=94 allowing for things like creating a public key whi= +ch +can only issue trust level 0 certifications, only certifications for +certain organizations (e.g. *.debian.org) unless thresholded with an +offline key, or only signing for messages meeting a certain +programmatic predicate generally. + + |