After UMN Debacle, Patatt Aims To Provide Cryptographic Attestation For Patches
Written by Michael Larabel in Programming on 30 May 2021 at 05:53 AM EDT. 8 Comments
PROGRAMMING --
Linux kernel developer Konstantin Ryabitsev has been working on Patatt as a cryptographic-based patch attestation system. While started a while ago, there is renewed interest in such patch attestation following the University of Minnesota "hypocrite commit" debacle.

Patatt allows for optionally adding end-to-end cryptographic attestation to patches and its design is based on the DKIM email signature standard. Patatt can be used for signing code patches in workflows involving email patch submission, such as is the case for the Linux kernel development.

This opt-in patch attestation aims to be as simple to use as possible, non-intrusive, and be straight-forward to adopt. The latest b4 0.7 release also adds support for using Patatt, which itself can be easily installed via Python's pip.

Those interested in learning more about Patatt for patch attestation can see Konstantin's blog post as well as the README on the GitHub repository. It remains to be seen if/when though more kernel developers will be encouraged or recommended to use a solution like Patatt for their email based patch exchanges.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week