Re: Gnome Flatpak build system, descriptions and questions


On Fri, Aug 26, 2016 at 10:17:04AM -0500, Michael Catanzaro wrote:
No. I used to do this, but stopped a couple years ago because it was
pointless. Nobody should trust my key, so why use it?

Why shouldn't anybody trust my key if it has been signed by other
members of the community?

By the way, I have always signed my tags (using git tag -s), and I
don't think I am the only one. :) eg., gnome-keyring tags are often
signed. The only exceptions have been when I had to urgently make a
release from a machine that didn't have my GPG key, but those
occasions have been exceedingly rare.


Attachment: pgpNfHvjNXKE0.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]