On Fri, Aug 25, 2017 at 08:12:12AM +0200, Anselm R Garbe wrote: > - (optional) repo owners/maintainers should sign their future git tags > for release creation by using their own private PGP key.
Optionally, for those who don't want to use OpenPGP, the author of libsodium
created Minisign back in 2015. It only signs and verifies, and does not do any
encryption or decryption, but it might be worth looking into for those who
don't want to rely on OpenPGP keys.
https://github.com/jedisct1/minisign
--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
signature.asc
Description: PGP signature
