On 01/25/2017 12:43 AM, Stefan Beller wrote: > On Tue, Jan 24, 2017 at 3:33 PM, Cornelius Weig > <cornelius.weig@xxxxxxxxxxx> wrote: >> On 01/25/2017 12:24 AM, Junio C Hamano wrote: >>> Cornelius Weig <cornelius.weig@xxxxxxxxxxx> writes: >>> >>>>> Please study item (5) "Sign your work" in >>>>> Documentation/SubmittingPatches and sign off your work. >>>> >>>> I followed the recommendations to submitting work, and in the first >>>> round signing is discouraged. >>> >>> Just this point. You found a bug in our documentation if that is >>> the case; it should not be giving that impression to you. >>> >> >> Well, I am referring to par. (4) of Documentation/SubmittingPatches >> (emphasis mine): >> >> <<<<<<<<<<<<<< >> *Do not PGP sign your patch, at least for now*. Most likely, your >> maintainer or other people on the list would not have your PGP >> key and would not bother obtaining it anyway. Your patch is not >> judged by who you are; a good patch from an unknown origin has a >> far better chance of being accepted than a patch from a known, >> respected origin that is done poorly or does incorrect things. >> <<<<<<<<<<<<<< >> >> If first submissions should be signed as well, then I find this quite >> misleading. >> > > Please read on; While this part addresses PGP signing, > which is discouraged at any round, > later on we talk about another type of signing. > (not cryptographic strong signing, but signing the intent;) > the DCO in the commit message. > > So no PGP signing (in any round of the patch). > > But DCO signed (in anything that you deem useful for the > project and that you are allowed to contribute) > Right, it's crystal clear now. What confused me was the combination of > Do not PGP sign your patch, at least *for now*. (...) and then the section with heading > (5) *Sign* your work So I didn't even bother to read (5) because I deemed it irrelevant. I think if it had said `(5) *Certify* your work` this would not have happened.