Re: [PATCH 1/2] release: provide clearsigned sha256sum

Subject: Re: [PATCH 1/2] release: provide clearsigned sha256sum

Date: Sat, 23 Mar 2019 13:56:01 +0100

To: David Bremner, notmuch@notmuchmail.org

Cc:

From: Daniel Kahn Gillmor

On Tue 2019-03-19 07:08:18 -0300, David Bremner wrote:
> To quote id:87ftrpgjdb.fsf@fifthhorseman.net
>
>      if the thing verified is the output of sha256sum, then the
>      *filename* of the tarball itself is included, then the standard
>      verification step will is sufficient to ensure that you've got the right
>      version in the filename.
>
> This is in addition to the detached signature on the tarball

I think the 3-part series i published starting at
id:20190323123544.6264-1-dkg@fifthhorseman.net supercedes this patch.

thanks for maintaining our release processes, David!

       --dkg
signature.asc (application/pgp-signature)
_______________________________________________
notmuch mailing list
notmuch@notmuchmail.org
https://notmuchmail.org/mailman/listinfo/notmuch

Thread: