Skip to content
Snippets Groups Projects
Select Git revision
  • passt default
  • master
  • pu
  • todo
  • next
  • maint
  • v2.8.0-rc1
  • v2.8.0-rc0
  • v2.7.2
  • v2.7.1
  • v2.7.0
  • v2.6.5
  • v2.7.0-rc3
  • v2.7.0-rc2
  • v2.7.0-rc1
  • v2.7.0-rc0
  • v2.6.4
  • v2.6.3
  • v2.6.2
  • v2.6.1
  • v2.3.10
  • v2.5.4
  • v2.4.10
  • v2.6.0
  • v2.6.0-rc3
  • v2.5.3
26 results

git-rfc3161

  • Clone with SSH
  • Clone with HTTPS
    • user avatar
    Add time-stamping functionality to git tag
    Anton Wuerfel authored 
    This commit introduces command line options for git tag to allow adding trusted
time-stamps from a Time Stamping Authority according to RFC3161.

The SHA-1 has used for a time-stamp signature is generated from the header data
and the tag message, if present. After obtaining the time-stamp signature, it is
inserted into the object header under the `timesig`-key in a custom PEM-like
format. If the tag is also GPG-signed, the GPG signature includes the time-stamp
signature to prevent attackers from altering the time-stamp signature or
replacing it.

However, it is still possible to create tags with only a GPG signature or only a
time-stamp, although it is recommended to additionally GPG-sign time-stamp
signatures for the reasons stated above.

In contrast to the GPG signature, the time-stamp signatures are part of
the header, emulating the way GPG signatures of signed commits are stored. This
facilitates implementing RFC3161 time-stamps for commits eventually.

Signed-off-by: default avatarAnton Würfel <anton.wuerfel@fau.de>
Signed-off-by: default avatarPhillip Raffeck <phillip.raffeck@fau.de>
    11dab239
    History
    user avatar 11dab239
    History
    Name Last commit Last update