[ANNOUNCE] bzr-svn 0.4.1
Robert Collins
robertc at robertcollins.net
Mon Aug 27 23:44:52 BST 2007
On Mon, 2007-08-27 at 15:30 -0700, John Whitley wrote:
> Jelmer Vernooij wrote:
> > Adeodato Simó wrote:
> >> Is there a compelling reason to sign the tar and not the tar.gz?
> > Mainly a matter of habit: I do this so if I also distribute a .tar.bz2
> > file, I only need one signature.
If you need to optimise the number of signatures, its better to:
make a tar.gz
make a tar.bz2
sha1sum both to a text file
sign that
-Rob
--
GPG key available at: <http://www.robertcollins.net/keys.txt>.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20070828/8688573a/attachment.pgp
More information about the bazaar
mailing list