Signed release tags

Joel Brobecker brobecker@adacore.com
Thu Feb 6 09:39:00 GMT 2014


> IMHO it would be nice to have the release tag in git be GPG-signed.
> WDYT?

I suppose I could do it if has any benefit. I've never really worked
in an area where I felt that signing was really worth the trouble,
so I'm a little ignorant in that area.

I sign the release tarballs just because I have to. I've now added
my key to some keyring for people to be able to verify it. I guess
signing the tag will only make sure that I was the author of the
tag?

Anyways, no objection from me. I'll just follow whatever people
think is best.

-- 
Joel



More information about the Gdb mailing list