GNU bug report logs - #24461
Signing Emacs git release tags

Package: emacs;

Reported by: Rob Browning <rlb <at> defaultvalue.org>

Date: Sun, 18 Sep 2016 18:13:02 UTC

Severity: wishlist

View this message in rfc822 format

From: Stefan Kangas <stefan <at> marxist.se>
To: Rob Browning <rlb <at> defaultvalue.org>
Cc: John Wiegley <jwiegley <at> gmail.com>, Nicolas Petton <nicolas <at> petton.fr>, 24461 <at> debbugs.gnu.org
Subject: bug#24461: Signing Emacs git release tags
Date: Sun, 29 Sep 2019 18:22:06 +0200

Rob Browning <rlb <at> defaultvalue.org> writes:

> In any case, after originally filing this, I noticed that you had signed
> commits, and I just rely on those now.  So while it might still be nice
> to have signed tags (too), it's not all that important to me anymore.

I think signing tags is different than signing commits.  A signed tag
means you can have more trust that you are using the code with the
latest fix to security problem X, announced to have been released in
tagged Emacs version Y, and not code missing that fix.

Best regards,
Stefan Kangas

This bug report was last modified 3 years and 86 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #24461 Signing Emacs git release tags

GNU bug report logs - #24461
Signing Emacs git release tags