Bill Fenner <fen...@gmail.com> wrote: > mcr suggested: >> I wonder if we should nuke our own make tarball system.
> The creation of a tarball and its signature gives a place to hang one's hat > about origin of code - "someone with the right key claims that this tarball > genuinely reflects what the project wants to distribute". Is there a > similar mechanism for a git tag? Yes, git tag -s, lets you sign a commit with a PGP key.
_______________________________________________ tcpdump-workers mailing list -- tcpdump-workers@lists.tcpdump.org To unsubscribe send an email to tcpdump-workers-le...@lists.tcpdump.org %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s