From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex Vong <alexvong1995@gmail.com>
Subject: Re: push right for trivial commits
Date: Fri, 23 Nov 2018 03:30:08 +0800
Message-ID: <87ftvsoqpr.fsf@gmail.com>
References: <875zxej04d.fsf@gmail.com> <87k1lq5tv0.fsf@gnu.org>
	<87d0rd2tj6.fsf@gmail.com> <87sh07r285.fsf@gnu.org>
	<87sh05zr5q.fsf@gmail.com> <20181113123153.xvdmwo7e46m5ap5t@abyayala>
	<878t1wj6a0.fsf@gnu.org> <87ftvu6vp6.fsf@gmail.com>
	<20181122180830.GA30673@jasmine.lan>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:44013)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <alexvong1995@gmail.com>) id 1gPugF-0004s9-53
	for guix-devel@gnu.org; Thu, 22 Nov 2018 14:30:29 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <alexvong1995@gmail.com>) id 1gPugC-0001yf-1P
	for guix-devel@gnu.org; Thu, 22 Nov 2018 14:30:27 -0500
In-Reply-To: <20181122180830.GA30673@jasmine.lan> (Leo Famulari's message of
	"Thu, 22 Nov 2018 13:08:30 -0500")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain

Leo Famulari <leo@famulari.name> writes:

> On Thu, Nov 22, 2018 at 04:07:33AM +0800, Alex Vong wrote:
>> I think ECC key works with commit signing precisely because commit
>> signing simply requires Savannah to store the key. However, for
>> functionalities provided by Savannah (e.g. sending email to your address
>> encrypted with your ECC public key), it wouldn't work (as mentioned in
>> <https://savannah.gnu.org/support/?109583>).
>
> To clarify, Savannah doesn't require you to store any key at all in
> order to sign Git commits. I think that Savannah accounts don't
> integrate with Git at all; they simply offer hosted Git repositories,
> and commit signing is a feature of Git.
>
> We require Guix contributors to upload their keys to their Savannah
> account so that there is an authoritative source of signing keys.

I see, so it's a guix policy rather than a technical
requirement. Indeed, we can download the key from
<https://savannah.gnu.org/users/********>

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQQwb8uPLAHCXSnTBVZh71Au9gJS8gUCW/cDwAAKCRBh71Au9gJS
8tixAP9fUH1hbuzYAHzCFurqLYekkSwWXilEH1sESS6Ff0yi2QD/URSFvG/5OUk2
BJWGZh7Kv+pr7Lic+pYKkSHRHdi9Jgs=
=LHgU
-----END PGP SIGNATURE-----
--=-=-=--