Re: [PATCH 4/7] pack-protocol.txt: Elaborate on pusher identity

Wed, 01 Jul 2015 11:59:15 -0700 

Dave Borowitz <[email protected]> writes:

> This is sort of like a standard identity, except that RFC 4880 section
> 4.11 allows any UTF-8 text in the User ID packet. It is trivial to get
> gpg to pass arbitrary text when generating a push cert by setting
> user.signingKey to that arbitrary value (assuming it is an actual user
> ID associated with that key).
>
> Signed-off-by: Dave Borowitz <[email protected]>
> ---

I think this is a good idea.  I notice that "nonce" used near-by
also lacks the definition, which we would want to document.

Thanks.

>  Documentation/technical/pack-protocol.txt | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/Documentation/technical/pack-protocol.txt 
> b/Documentation/technical/pack-protocol.txt
> index 2d8b1a1..de3c72c 100644
> --- a/Documentation/technical/pack-protocol.txt
> +++ b/Documentation/technical/pack-protocol.txt
> @@ -494,7 +494,7 @@ references.
>  
>    push-cert         = PKT-LINE("push-cert" NUL capability-list LF)
>                     PKT-LINE("certificate version 0.1" LF)
> -                   PKT-LINE("pusher" SP ident LF)
> +                   PKT-LINE("pusher" SP push-cert-ident LF)
>                     PKT-LINE("pushee" SP url LF)
>                     PKT-LINE("nonce" SP nonce LF)
>                     PKT-LINE(LF)
> @@ -502,6 +502,8 @@ references.
>                     *PKT-LINE(gpg-signature-lines LF)
>                     PKT-LINE("push-cert-end" LF)
>  
> +  push-cert-ident   = 1*(UTF8) SP ["-"] 1*(DIGIT) SP ["-"|"+"] 1*(DIGIT)
> +
>    packfile          = "PACK" 28*(OCTET)
>  ----
>  
> @@ -540,8 +542,14 @@ Note that (unlike other portions of the protocol), all 
> LFs in the
>  Currently, the following header fields are defined:
>  
>  `pusher` ident::
> -     Identify the GPG key in "Human Readable Name <email@address>"
> -     format.
> +     Identity of the GPG key. This is similar to the identify found
> +     elsewhere, such as the author/committer field in commit headers,
> +     in that it consists of a name portion, a timestamp, and a
> +     timezone offset. However, unlike normal git identities, the name
> +     field may be any valid OpenPGP User ID, which is any valid UTF-8
> +     string. (By convention this matches the form:
> +     "Human Readable Name (optional comment) <email@address>"
> +     but this is only a convention.)
>  
>  `pushee` url::
>       The repository URL (anonymized, if the URL contains
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to