[Whonix-devel] How safe are signed git tags? Only as safe as SHA-1 or somehow safer?

Whonix | Privacy and Anonymity OS newblogpost at whonix.org
Mon Nov 3 10:41:08 CET 2014


Info How safe are signed git tags? Especially because git uses SHA-1. There is contradictory information around. So if one verifies a git tag (`git tag -v tagname`), then `checksout`s the tag, and checks that `git status` reports no untracked/modified files, without further manually auditing the code, how secure is this actually? Is it only[...]

This post has been automatically cross-posted by whonix.org/blog To see the original (including links), go to http://www.whonix.org/blog/git-verification-security



More information about the Whonix-devel mailing list