On Fri, May 25, 2012 at 10:59 AM, Ron Wilson <ronw.m...@gmail.com> wrote:
> On top of that, could support signing one or more of the existing
> signatures at the time of signing.

When I sign a commit, it can mean multiple things:
1) I wrote this (authentication)
2) I approve this (authorization)

In case 1, we have a one-to-one and immutable correspondence between
signature and commit artifact. This signature is the one used to pin
the blame on someone if you find a backdoor in the code :-(

In case 2, there can be multiple signatures, some after the fact.
These could be used to keep track of code reviews and/or manager
approvals.

Now if I'm signing your type 2 signature, what does that actually
mean? "I approve of you approving this"? Signing type 1 signatures is
just the 'authorization' type signature.


-- 
Gé
_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users