| 1 |
On Mon, Jun 4, 2012 at 10:41 PM, Brian Harring <ferringb@×××××.com> wrote: |
| 2 |
> The dev, prior to signing that, should be verifying what they're |
| 3 |
> adding (moreso, what exists between last signed rev and theirs), they |
| 4 |
> agree to and know of. Specifically, they're asserting their addition. |
| 5 |
|
| 6 |
What Rich is arguing (and which I think makes some sense) is that |
| 7 |
people will probably not be inclined to verify the signature of the |
| 8 |
tree they just pulled from gentoo-x86. We can't really force them too, |
| 9 |
since it happens on their own machine. |
| 10 |
|
| 11 |
Still, I think we should drop this discussion for now. |
| 12 |
|
| 13 |
Cheers, |
| 14 |
|
| 15 |
Dirkjan |
Archives