On Thu, Mar 24, 2011 at 5:59 PM, Mike Frysinger <vap...@gentoo.org> wrote: > is there any reason we should allow people to commit unsigned > Manifest's anymore ? generating/posting/enabling a gpg key is > ridiculously easy and there's really no excuse for a dev to not have > done this already. >
Is there some plan to make verification of signed Manifests easy/automatic for end users? Or am I misunderstanding the point of Manifest signing?
