@matt@kornel Thanks Matt! I should also stress that this is a piece you kinda need to read all the way through. A few people have come away from reading the headline with the idea that I just don't like git commit signing specifically and they should turn it off as opposed to turning it on. For some people, in some situations, it makes perfect sense and it's a fine security primitive. To quote one of the last paragraphs of the blog:
> Git commit signing itself is not particularly consequential
@bjfs84 As a protocol it's full of outdated weak cryptography, without a clear path to migrate away from it, so even modern reimplementations bring back the broken algorithms for compatibility. From a tooling perspective, gpg is overcomplicated with dangerously bad defaults and shoddy integrations. Its use in e-mail is hopelessly, unfixably terrible. While it could be used just as a key format, that needlessly pulls in all of the complexity and old cruft of the failed features.
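The "outdated weak cryptography" point above is something a defender can actually check in their own keyring rather than argue about. The script below is an added example, not code from the thread or from GnuPG; it parses the machine-readable `gpg --list-keys --with-colons` output (field 3 is the key size, field 4 the RFC 4880 public-key algorithm id, field 5 the key id) and flags legacy algorithms and undersized keys. The sample listing is constructed, and the size thresholds are this example's own policy assumptions.

```python
"""Audit a GnuPG keyring listing for legacy algorithms and undersized keys.

Input is the colon-separated format of ``gpg --list-keys --with-colons``.
The sample listing below is constructed for the example, not captured
from a real keyring.  Algorithm numbers follow RFC 4880 section 9.1
(and RFC 6637 for the ECC ids).
"""
import sys
from dataclasses import dataclass

# Public-key algorithm ids as they appear in field 4 of pub/sub records.
ALGO_NAMES = {1: "RSA", 2: "RSA-E", 3: "RSA-S", 16: "Elgamal", 17: "DSA",
              18: "ECDH", 19: "ECDSA", 22: "EdDSA"}

# Policy assumptions for this example: minimum sizes per algorithm, and
# algorithms we consider legacy regardless of size.
MIN_BITS = {"RSA": 3072, "ECDH": 255, "ECDSA": 255, "EdDSA": 255}
LEGACY_ALGOS = {"DSA", "Elgamal", "RSA-E", "RSA-S"}


@dataclass
class KeyFinding:
    keyid: str
    record: str   # "pub" (primary) or "sub" (subkey)
    algo: str
    bits: int
    reason: str


def parse_colon_listing(text):
    """Yield (record_type, bits, algo_id, keyid) for each pub/sub record."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 5 or fields[0] not in ("pub", "sub"):
            continue  # tru/fpr/uid/sig records carry no key algorithm
        bits = int(fields[2]) if fields[2].isdigit() else 0
        algo = int(fields[3]) if fields[3].isdigit() else -1
        yield fields[0], bits, algo, fields[4]


def audit_keyring(text):
    """Return a list of KeyFinding for every key that violates the policy."""
    findings = []
    for record, bits, algo_id, keyid in parse_colon_listing(text):
        name = ALGO_NAMES.get(algo_id, f"unknown({algo_id})")
        if name in LEGACY_ALGOS:
            findings.append(KeyFinding(keyid, record, name, bits, "legacy algorithm"))
        elif name not in MIN_BITS:
            findings.append(KeyFinding(keyid, record, name, bits, "unrecognised algorithm"))
        elif bits < MIN_BITS[name]:
            findings.append(KeyFinding(keyid, record, name, bits,
                                       f"below {MIN_BITS[name]} bits"))
    return findings


# Constructed sample: a 1024-bit DSA/Elgamal key from 2008, a 4096-bit RSA
# primary with a 2048-bit encryption subkey, and a modern Ed25519/Cv25519 key.
SAMPLE_LISTING = """\
tru::1:1700000000:0:3:1:5
pub:u:1024:17:0123456789ABCDEF:1200000000:::u:::scESC::::::23::0:
uid:u::::1200000000::HASH::Example User <user@example.invalid>::::::::::0:
sub:u:2048:16:FEDCBA9876543210:1200000000::::::e::::::23:
pub:u:4096:1:1111111111111111:1600000000:::u:::scESC::::::23::0:
uid:u::::1600000000::HASH::Second User <second@example.invalid>::::::::::0:
sub:u:2048:1:2222222222222222:1600000000::::::e::::::23:
pub:u:256:22:3333333333333333:1700000000:::u:::scESC::::::23::0:
uid:u::::1700000000::HASH::Third User <third@example.invalid>::::::::::0:
sub:u:256:18:4444444444444444:1700000000::::::e::::::23:
"""


if __name__ == "__main__":
    # Pipe real output in with: gpg --list-keys --with-colons | python audit.py
    source = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_LISTING
    for f in audit_keyring(source):
        print(f"{f.record} {f.keyid} {f.algo}-{f.bits}: {f.reason}")
```

On the constructed listing this reports the DSA primary and Elgamal subkey as legacy and the 2048-bit RSA subkey as undersized, while the 4096-bit RSA and the Ed25519/Cv25519 pair pass. Run against a real keyring it only reads the listing; it never touches private key material.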
@kornel fair enough, I remember one company having https://www.passwordstore.org as their secret storage solution. Oh my, it was a menace trying to sign every new user, often breaking the chain for others xD
GnuPG, with all due sentiment for the FSF, feels like a legacy product...