On Sun, 2002-05-26 at 14:50, Dave Jones wrote:
> On Sun, May 26, 2002 at 02:29:07PM +0200, Luca Barbieri wrote:
> > Not using digital signatures is obviously not an option since there is
> > no way to prove that a message was not authentic (if it contains a
> > trojan patch, for example).
> Just because a patch has been signed does not mean it somehow manages
> to bypass peer review.
> If the patch is correct, it gets applied. If it's not obviously correct,
> it gets reviewed by someone more familiar with the code.
> Some people have a hard enough time getting patches they believe are
> legitimate features/fixes past Al Viro, Dave Miller and the likes.
> The chances of a trojan patch getting past them is I would hope, extremely minimal.
Signing a patch and getting it applied are completely separate issues.
OTOH, if Linus or anyone else has a policy of dropping all mail using
non-plaintext encodings, sending it using such an encoding is a sure way
of preventing its application.
What I was trying to say is that someone might post a trojan patch with
my name and after it gets rejected, I might get accused of trying to get
it applied. And if the forger somehow manages to get it applied the
damage to me is even greater.
Another problem that arises from unsigned messages and people not
verifying signed ones is that someone may send a message pretending that
it is from a legitimate maintainer of a patchset (including you) and
announce a new version of the patchset with a changed URL.
If the patchset maintainer doesn't immediately notice the problem,
several people might apply the patchset, trusting the maintainer, before
the forgery is exposed.
This archive was generated by hypermail 2b29 : Fri May 31 2002 - 22:00:18 EST