I did some background checking: the sign file is actually the "sign-off"
signature of the corresponding git version tag. The meaning of this
"sign-off" value is defined by the project. In many open source projects it
means that the contribution is original and that there are no copyright
infrin
On Thursday, June 22, 2017 at 8:49:30 AM UTC-7, Tamar wrote:
>
> The .sign files are PGP files. I suspect you can verify the signature like
> this (didn't check):
>
> *gpg --verify doc.sig doc*
>
>
I managed to resolve this. This "gpg" command doesn't work, because I
don't have the public key, b
The .sign files are PGP files. I suspect you can verify the signature like
this (didn't check):
*gpg --verify doc.sig doc*
See https://www.gnupg.org/gph/en/manual/x135.html for a complete story on
how to use signatures and how to verify them.
On Thursday, June 22, 2017 at 5:43:32 PM UTC+2, Da