-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Derek Price <[EMAIL PROTECTED]> writes:
> Just a quick RFC on how this will integrate into the CVS command line & > config. I'm thinking that signing will be off by default, with a simple > `-g' global option to enable it. > > Since adding -g to a .cvsrc might not be acceptable for users that work > with multiple roots, I think this should also be implemented as a method > option that can be added to a CVSROOT string > <http://ximbiot.com/cvs/wiki/index.php?title=CVS--Concurrent_Versions_System_v1.12.12.1:_The_Repository#The_connection_method>. What option name do you suggest? :ext;sign=yes: ? > > Servers would have a three-level GPG requirement setting in CVSROOT/config: > > RequireGPGCommitSignatures=(no|yes|verify) I don't know if the GPG name needs to be present or not. Folks could use PGP or GPG or any other OpenPGP conformant program to get the job done, couldn't they? > > Where `no' means signatures are allowed but not required, `yes' means > signatures are required, and `verify' means that signatures are required > and that the server verifies that submitted signatures are valid before > allowing a commit. I'm not sure that verify makes sense as an administrator may want to do this kind of checking in a commitinfo trigger and base it on the web of trust for a given key rather just saying it was signed... -- Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQFDNFIPCg7APGsDnFERAlGOAKCSiMEY25aILx+Hxe9/uG9uOGdELgCfR+ek ij0lDon80jG3OALeBbn5fXw= =Rj0p -----END PGP SIGNATURE----- _______________________________________________ Bug-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/bug-cvs
