On Tue, Jan 24, 2017 at 3:33 PM, Cornelius Weig <cornelius.weig@xxxxxxxxxxx> wrote: > On 01/25/2017 12:24 AM, Junio C Hamano wrote: >> Cornelius Weig <cornelius.weig@xxxxxxxxxxx> writes: >> >>>> Please study item (5) "Sign your work" in >>>> Documentation/SubmittingPatches and sign off your work. >>> >>> I followed the recommendations to submitting work, and in the first >>> round signing is discouraged. >> >> Just this point. You found a bug in our documentation if that is >> the case; it should not be giving that impression to you. >> > > Well, I am referring to par. (4) of Documentation/SubmittingPatches > (emphasis mine): > > <<<<<<<<<<<<<< > *Do not PGP sign your patch, at least for now*. Most likely, your > maintainer or other people on the list would not have your PGP > key and would not bother obtaining it anyway. Your patch is not > judged by who you are; a good patch from an unknown origin has a > far better chance of being accepted than a patch from a known, > respected origin that is done poorly or does incorrect things. >>>>>>>>>>>>>>> > > If first submissions should be signed as well, then I find this quite > misleading. > Please read on; While this part addresses PGP signing, which is discouraged at any round, later on we talk about another type of signing. (not cryptographic strong signing, but signing the intent;) the DCO in the commit message. So no PGP signing (in any round of the patch). But DCO signed (in anything that you deem useful for the project and that you are allowed to contribute)