@TheBlueMatt
Contributor

This should fix verify-commits on master.

@theuni
Member

theuni commented Oct 20, 2017

I see how this allows expired keys to pass if revoked keys are allowed, but I'm missing what constrains expired to revoked? Also not sure why we'd want that constraint?

@TheBlueMatt
Contributor Author

BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG is set in verify-commits.sh for every commit in contrib/verify-commits/allow-revsig-commits.
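The rule discussed in the comments above, as an added example that is not part of this pull request or the project's scripts: a filter over GnuPG `--status-fd` lines that accepts `REVKEYSIG` and `EXPKEYSIG` only when `BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG` is set. The function names, the `=1` convention for the variable and the sample status lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not the project's verify-commits code.
# sig_acceptable reads GnuPG status lines on stdin and returns 0 only when
# the signature is acceptable under the policy described in this thread.
sig_acceptable() {
    good=0
    bad=0
    while IFS= read -r line; do
        case "$line" in
            "[GNUPG:] GOODSIG "*)
                good=1 ;;
            "[GNUPG:] REVKEYSIG "*|"[GNUPG:] EXPKEYSIG "*)
                # Revoked or expired key: tolerated only for commits that the
                # caller has flagged (assumed convention: variable set to 1).
                if [ "${BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG:-0}" = 1 ]; then
                    good=1
                else
                    bad=1
                fi ;;
            "[GNUPG:] BADSIG "*|"[GNUPG:] ERRSIG "*)
                bad=1 ;;
        esac
    done
    # No signature line at all also counts as a rejection.
    [ "$good" = 1 ] && [ "$bad" = 0 ]
}

# verdict ALLOW STATUS_TEXT: prints "accept" or "reject" (hypothetical helper).
verdict() {
    if ( BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG=$1
         printf '%s\n' "$2" | sig_acceptable ); then
        echo accept
    else
        echo reject
    fi
}

# Constructed sample status lines; the key ID and identity are made up.
WHO='0123456789ABCDEF Example Committer <dev@example.org>'
SAMPLE_GOOD="[GNUPG:] GOODSIG $WHO"
SAMPLE_EXPIRED="[GNUPG:] EXPKEYSIG $WHO"
SAMPLE_REVOKED="[GNUPG:] REVKEYSIG $WHO"
SAMPLE_BAD="[GNUPG:] BADSIG $WHO"

echo "expired key, commit not listed: $(verdict 0 "$SAMPLE_EXPIRED")"
echo "expired key, commit listed:     $(verdict 1 "$SAMPLE_EXPIRED")"
echo "revoked key, commit listed:     $(verdict 1 "$SAMPLE_REVOKED")"
echo "bad signature, commit listed:   $(verdict 1 "$SAMPLE_BAD")"
```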

@theuni
Member

theuni commented Oct 20, 2017

That's what I was missing, thanks.

What happens when the next unrevoked key expires, though? Wouldn't all commits signed by that key fail to verify?

@TheBlueMatt
Contributor Author

If a key is not in-use, it should be revoked, and if it is revoked, its commits should be in allow-revsig-commits. (If it's in-use, you can keep bumping the expiration date.)

@theuni
Member

theuni commented Oct 20, 2017

Sure, that makes sense. What I'm missing is how to sunset a key (a committer leaves) without having to mark all of its commits. Or is the script smart enough to stop at the first allow-revsig parent?

@TheBlueMatt
Contributor Author

TheBlueMatt commented Oct 20, 2017 via email

@theuni
Member

theuni commented Oct 20, 2017

Seems to me we should just have a file for expired (sub)keys, and verify-commit is allowed to return EXPKEYSIG for those. Because they'd be historical anyway.

That kind of change isn't urgent though, so utACK d23be30 for the sake of fixing master.

@laanwj
Member

laanwj commented Oct 21, 2017

utACK

@laanwj laanwj merged commit d23be30 into bitcoin:master Oct 21, 2017
laanwj added a commit that referenced this pull request Oct 21, 2017
d23be30 [verify-commits] Allow revoked keys to expire (Matt Corallo)

Pull request description:

  This should fix verify-commits on master.

Tree-SHA512: 9bfca41fdfcdb11f6d07fcbc80a7b2de37706051e963292e0fbb4c608f146c87b65ab1e8395792197b4a7099e89fa045f278a60276672f6540b68d5e15b5a4a7
maflcko pushed a commit to maflcko/bitcoin-core that referenced this pull request Oct 23, 2017
codablock pushed a commit to codablock/dash that referenced this pull request Sep 30, 2019
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021