On Mon, Jan 28, 2008 at 06:12:34AM +0000, Sam Vilain wrote: > This does force potential contributors to get PGP keys, and get them > signed - but that seems to me to be a reasonable barrier of entry and > may even help drive some PGP adoption. > > Remember this is a proof of concept, so let's discuss the design first > and not worry too much about the glaring bugs yet. FWIW I'm really interested into such a "thing", and that I'd like to avoid giving unix (even with git-shell, not only because of security, but because it pollutes the machine setup a lot) accounts to my git servers, though would like to let people help in my Debian packaging. Fors us GPG isn't an issue, as every single DD or wannabe has a GPG key :) Note though that the fact that you need to push a dummy tag is somehow disgusting IMHO, it should at least be integrated into git-push so that the user doesn't have to generate the dummy tag himself. -- ·O· Pierre Habouzit ··O madcoder@xxxxxxxxxx OOO http://www.madism.org
Attachment:
pgph3sZTX47r5.pgp
Description: PGP signature
