Bill Fenner <fen...@gmail.com> wrote:
> mcr suggested:
>> I wonder if we should nuke our own make tarball system.
> The creation of a tarball and its signature gives a place to hang one's
hat
> about origin of code - "someone with the right key claims that this
tarball
> genuinely reflects what the project wants to distribute". Is there a
> similar mechanism for a git tag?
Yes, git tag -s, lets you sign a commit with a PGP key.
_______________________________________________
tcpdump-workers mailing list -- tcpdump-workers@lists.tcpdump.org
To unsubscribe send an email to tcpdump-workers-le...@lists.tcpdump.org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
