On Thu, Jun 22, 2017 at 21:12:27 +0200, Ludovic Courtès wrote: > I think only GNU and kernel.org provide signatures, which represents 6% > of our packages. Of the 30% that do not have an updater, surely some > have digital signatures, but we’re probably still below 10%. The > situation is bad in general…
What about signed tags/commits? -- Mike Gerwitz Free Software Hacker+Activist | GNU Maintainer & Volunteer GPG: D6E9 B930 028A 6C38 F43B 2388 FEF6 3574 5E6F 6D05 https://mikegerwitz.com
signature.asc
Description: PGP signature
