Bug 322 - deploy git commit signoff and git tag signing
Summary: deploy git commit signoff and git tag signing
Status: CONFIRMED
Alias: None
Product: Libre-SOC's first SoC
Classification: Unclassified
Component: Source Code (show other bugs)
Version: unspecified
Hardware: Other Linux
: --- enhancement
Assignee: Luke Kenneth Casson Leighton
URL:
Depends on:
Blocks:
 
Reported: 2020-05-18 22:01 BST by Luke Kenneth Casson Leighton
Modified: 2020-05-18 22:04 BST (History)
2 users (show)

See Also:
NLnet milestone: ---
total budget (EUR) for completion of task and all subtasks: 0
budget (EUR) for this task, excluding subtasks' budget: 0
parent task for budget allocation:
child tasks for budget allocation:
The table of payments (in EUR) for this task; TOML format:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Luke Kenneth Casson Leighton 2020-05-18 22:01:58 BST 
https://bugs.libre-soc.org/show_bug.cgi?id=266#c3

relying solely on https paints a hacking target on our server.  if however the commits or tags are GPG signed, these are offline, distributed, and harder to compromise.

this will become relevant when we start doing releases.