[Aurornis]

> Most people don’t worry about it for the same reason they don’t worry about GitHub abusing their GitHub account

Even with GitHub we don’t hand over our private keys to the GitHub server, though.

When I commit to my repos the commits are still signed by the private key that lives on my computer. Someone could take over my GitHub account and they wouldn’t be able to sign commits with the private key on my PC.

They could technically add a new public key and sign new commits with that key, but I could cryptographically point to the change and show that the key changed at time of takeover and disavow it.

[throawayonthe]

right but that's possible with tangled too, that's a git specific thing

[skybrian]

Good point, but how many projects require people to sign their git commits? it's not something I've had to do at all.

If you're not signing them then hosting on GitHub gives GitHub the ability to do arbitrary commits in your name. The repo's HEAD is whatever GitHub says it is.