On Fri, Apr 20, 2018 at 11:36:03 +0100, Daniel Berrange wrote: > On Fri, Apr 20, 2018 at 12:22:35PM +0200, Martin Kletzander wrote: > > On Thu, Apr 19, 2018 at 05:29:22PM +0100, Daniel P. Berrangé wrote: > > > On Thu, Apr 19, 2018 at 06:11:20PM +0200, Martin Kletzander wrote: > > > > On Thu, Apr 19, 2018 at 10:06:45AM +0100, Daniel P. Berrangé wrote: > > > > > On Thu, Apr 19, 2018 at 10:55:01AM +0200, Peter Krempa wrote: > > > > > > On Wed, Apr 18, 2018 at 18:35:18 +0100, Daniel Berrange wrote: [...] > > > > > > > diff --git a/.gitpublish b/.gitpublish > > > > > > > new file mode 100644 > > > > > > > index 0000000000..857f0d552c > > > > > > > --- /dev/null > > > > > > > +++ b/.gitpublish > > > > > > > @@ -0,0 +1,3 @@ > > > > > > > +[gitpublishprofile "default"] > > > > > > > +base = master > > > > > > > +to = libvir-list@xxxxxxxxxx > > > > > > > > > > > > ACK > > > > > > > > > > > > As a side-question. Does git-publish have the option to send GPG-signed > > > > > > mails? I always wanted that, but not enough to hack it into > > > > > > git-send-email. [...] > > Sure, I never meant the commits should stay signed. It doesn't really > > make much sense in most scenarios to have individual commits signed. > > Signed tag is an inherent sign for all parent commits, which is more > > than enough. What I wanted to have established was a way for the people > > receiving the commit to be able to see that it really came from me and > > it was not tampered with. For that case I only care about the medium > > (through which the commit is sent) to be covered. That's the only part > > of the chain where I'm missing some effort to enhance integrity and > > accountability. > > Oh so you don't really need git commit signing for that then. Essentially > you can just git-format the patches and do normal "email" signing when > sending them, so the receipient verifies the email, rather than the commit > patch. That sounds like something you could integrate into git-publish. Actually this is exactly what I'm looking for. I don't really care whether the commits are signed in GIT, but I care whether the emails are sent signed. It should be easy to integrate if git is able to 'am' the signed emailed patches correctly, which I did not try yet.
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
