[Swan-dev] git tagging best practices

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Mar 19 17:02:24 UTC 2019 

Hi Libreswan folks--

I've been looking at git release tag verification across the broader
free software ecosystem, and i want to commend the libreswan project on
its release tagging practices.

In particular, i note that every modern libreswan tag is
cryptographically signed, and its tag message contains not only the
version number but also a list of relevant changes in the release.

I have two suggestions for improvements to future git tag messages:

 a) (nit-pick) please include a blank line between the initial
    version/date line and the rest of the message.

 b) please include the work "Libreswan" in the "subject" line of the tag
    message.  So rather than "v3.28 (June 03, 2019)", the subject line
    would be "Libreswan v3.28 (June 03, 2019)" (btw, i'm not trying to
    set a timeline for the release of v3.28, just using an imaginary
    future release to avoid implying that i think you need to
    retroactively change already-existing tags, which i'm not asking you
    to do)

The rationale for (a) is just to have the tag message conform more
closely to git's conventional "subject" and "body" commit message
format.

The rationale for (b) is that it lets downstream verifiers distinguish
between something signed by Paul Wouters' key that *is* a libreswan
release, and something signed by Paul's key that *isn't* a libreswan
release.  This is a subtle point (and maybe irrelevant if Paul never
releases any software other than Libreswan), but one that would be great
to establish as a baseline.

I'm asking this of libreswan because what i really want is an exemplar
that i can point other projects to and say "do it like they do".  And i
also want to encourage downstream verifying tools to build sensible
automated new release verification steps, and being able to point to a
project and say "this tool should at least be able to verify a new
Libreswan release isn't just a maliciously-renamed tag from some other
git repository".

let me know if i can help make this change happen for future releases!
i couldn't find any script for generating the tag in the libreswan repo,
but maybe i wasn't looking in the right place.

All the best,

          --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20190319/6b4a0bbf/attachment.sig>

More information about the Swan-dev mailing list