Re: PROPOSAL: GPG Signing of Releases
From: <kfogel_at_collab.net>
Date: 2004-04-12 17:27:33 CEST
Justin Erenkrantz <justin@erenkrantz.com> writes:
Oh -- if we're going to bound forever to use it, then I wouldn't
Do you think its absence later would cause real worry?
> I think you're also ignoring the fact that most of the other
The majority is not *so* overwhelming as to stop all discussion :-).
The point I'm trying to make (but didn't make very clearly before) is
By signing only with individual keys, *we* make a certain
But by signing with individual keys and a project key, we let each
Since it's the user's security & hassle in question here, I feel it's
However, it's not the most important issue in the world either. If we
Does that clarify things a bit better?
-Karl
---------------------------------------------------------------------
|
This is an archived mail posted to the Subversion Dev mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.