1 |
>>>>> "RHJ" == Robin H Johnson <robbat2@g.o> writes: |
2 |
|
3 |
>> Include the signing keyid in the filename to support both allowing |
4 |
>> multiple devs to sign a file and an easy indication of who signed it. |
5 |
|
6 |
RHJ> You can extract keyid from any signature trivially. |
7 |
|
8 |
But if it is not in the filename you cannot have multiple sig files. |
9 |
|
10 |
>> Don't stop everything just because /one/ package has a problem. |
11 |
|
12 |
RHJ> This is already controllable. |
13 |
|
14 |
If you mean --keep-going, that may work sometimes, but never did when I |
15 |
really needed it. |
16 |
|
17 |
>> And think about a way to sign Changelog entries. |
18 |
|
19 |
RHJ> We wanted commit-signing with the git migration... |
20 |
|
21 |
Good choice. |
22 |
|
23 |
-JimC |
24 |
-- |
25 |
James Cloos <cloos@×××××××.com> OpenPGP: 1024D/ED7DAEA6 |