On Wed, Dec 14, 2011 at 06:50:07PM -0800, Linus Torvalds wrote:
> On Wed, Dec 14, 2011 at 11:20 AM, Theodore Ts'o <tytso@xxxxxxx> wrote:
> >
> > There is a signed tag tytso-for-linus-20111214 covering these patches,
> > which fix a potential hang, crash (on big endian), and data corruption
> > bugs which show up when using fsx and/or Hugh's kernel compile/mm
> > torture test.
>
> Ok, since I build my own git versions, I have one that can pull signed
> tags and automatically verifies them and saves the signed tag
> information as part of the commit object.
Cool! Does it save enough that GPG signature information can be
verified later? I'm a little fuzzy on what is covered by the
signature which gets verified when you run the command "git verify-tag
tytso-for-linus-20111214". Better yet, does the new version of git
have a command that will automatically verify the digital signature
found in a merge commit?
And this isn't in 1.7.8 yet, right? I'd have to build version of git
based on the next branch to play with this new signatury goodness?
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
