Todd Denniston wrote: >What about instead of, or in addition to, what you are suggesting for >expired/revoked signatures, the sig ring should keep data on when keys >expired (already there correct?) or got revoked and thus CVS should flag new >sigs with those keys after the expire/revocation to notify the users, but >the old sigs should still be good/acceptable. Or have I just slipped of my >rocker? > >
I'm not sure what you mean. The `cvs verify' command, and the automatic verification that can be performed on checkout, will notice any expired or revoked keys as invalid signatures. This will be flagged as an error if there are not other, valid, signatures attached to the revision. Did you have something else in mind? Regards, Derek -- Derek R. Price CVS Solutions Architect Ximbiot <http://ximbiot.com> v: +1 717.579.6168 f: +1 717.234.3125 <mailto:[EMAIL PROTECTED]> _______________________________________________ Bug-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/bug-cvs
