diff options
author | Nicholas Johnson <nick@nicholasjohnson.ch> | 2024-05-26 00:00:00 +0000 |
---|---|---|
committer | Nicholas Johnson <nick@nicholasjohnson.ch> | 2024-05-26 00:00:00 +0000 |
commit | 8193b4daba5bcf5502701f1e9e22f9390bac86b0775d49ef3509444d11ba45e8 (patch) | |
tree | 22df9a5b8950530903e61724854d5952c772710b8de36b48a35e9cedc6090112 /content/entry/why-i-timestamped-my-journal.md | |
parent | 9101e9507e26a9725d5929ebb1fd0c347269056c65842161a8ed3b39cd2607e4 (diff) | |
download | journal-8193b4daba5bcf5502701f1e9e22f9390bac86b0775d49ef3509444d11ba45e8.tar.gz journal-8193b4daba5bcf5502701f1e9e22f9390bac86b0775d49ef3509444d11ba45e8.zip |
Flatten directory structure
Diffstat (limited to 'content/entry/why-i-timestamped-my-journal.md')
-rw-r--r-- | content/entry/why-i-timestamped-my-journal.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/content/entry/why-i-timestamped-my-journal.md b/content/entry/why-i-timestamped-my-journal.md index 37500b1..9b416d8 100644 --- a/content/entry/why-i-timestamped-my-journal.md +++ b/content/entry/why-i-timestamped-my-journal.md @@ -33,7 +33,7 @@ Commands: ```sh git clone https://git.nicholasjohnson.ch/journal && cd journal -ots verify -d "$(git show-ref --hash signify-signature-10)" static/resource/timestamp-2.ots +ots verify -d "$(git show-ref --hash signify-signature-10)" static/timestamp-2.ots ``` @@ -45,6 +45,6 @@ Timestamp chaining could perhaps provide stronger assurance of the legitimacy of But one good idea contained in that entry was to restamp this journal's Git repo to future-proof its timestamp. The old timestamp was performed on the old repo which used the broken SHA-1 hashing algorithm. Since then, I converted the repo to the new SHA-2 object format and SHA-2 support in Git has been stabilized. So everything I needed to create a new, stronger timestamp was present. Well, almost everything. -The only issue I ran into was that the OpenTimestamps software does not have sufficient [Git integration](https://github.com/opentimestamps/opentimestamps-client/blob/master/doc/git-integration.md "OpenTimestamps Git Integration") to embed timestamps within Git objects in SHA-2 repos like it can for SHA-1 repos. So I just timestamped [the most recent tag](https://git.nicholasjohnson.ch/journal/tag/?h=signify-signature-10 "Most Recent Tag of Journal Repo") manually, creating a fully separate [.ots proof file](/resource/timestamp-2.ots "Timestamp Proof File") which is verified without using OpenTimestamps' GnuPG wrapper. +The only issue I ran into was that the OpenTimestamps software does not have sufficient [Git integration](https://github.com/opentimestamps/opentimestamps-client/blob/master/doc/git-integration.md "OpenTimestamps Git Integration") to embed timestamps within Git objects in SHA-2 repos like it can for SHA-1 repos. So I just timestamped [the most recent tag](https://git.nicholasjohnson.ch/journal/tag/?h=signify-signature-10 "Most Recent Tag of Journal Repo") manually, creating a fully separate [.ots proof file](/timestamp-2.ots "Timestamp Proof File") which is verified without using OpenTimestamps' GnuPG wrapper. Hopefully the new timestamp lasts. If not, both [Software Heritage](https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https://git.nicholasjohnson.ch/journal "Journal Repo on Software Heritage") and [Archive.org](https://web.archive.org/web/*/https://nicholasjohnson.ch/ "Journal on Archive.org") have centralized timestamps of this journal as fallbacks. |