question about gpg signed commits
Alexander Belchenko
bialix at ukr.net
Tue Jan 16 10:20:42 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'd like to understand gpg signed commits.
Working on bzr-config I study gpg-related options.
There is bzr command 'sign-my-commits', but no other
commands like verify?
I don't understood how this infrastructure should work
in general and in details. Do I need sign my commits
for bzr.dev? For my own bzr-related projects?
What means signed repository for another people who
want to checkout my signed repository? Does people
should mandatory have my open key to working with
signed repository?
Alexander
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFrKb6zYr338mxwCURAjTNAJ4iJ3mYcwxzOTKgBurtG3se/1psdQCcCYWc
PCC90EZAzxbre+BjJORzdFE=
=FbwW
-----END PGP SIGNATURE-----
More information about the bazaar
mailing list